Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
intelliants subrion cms vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2017-6069
Subrion CMS 4.0.5 has CSRF in admin/blog/add/. The attacker can add any tag, and can optionally insert XSS via the tags parameter.
Intelliants Subrion Cms 4.0.5
8.8
CVSSv3
CVE-2021-43464
A Remiote Code Execution (RCE) vulnerability exiss in Subrion CMS 4.2.1 via modified code in a background field; when the information is modified, the data in it will be executed through eval().
Intelliants Subrion Cms 4.2.1
NA
CVE-2012-5452
Multiple cross-site scripting (XSS) vulnerabilities in Subrion CMS 2.2.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) multi_title parameter to blocks/add/; (2) cost, (3) days, or (4) title[en] parameter to plans/add/; (5) name or (6) title[en] p...
Intelliants Subrion Cms 2.2.1
1 EDB exploit
6.1
CVSSv3
CVE-2023-43875
Multiple Cross-Site Scripting (XSS) vulnerabilities in installation of Subrion CMS v.4.2.1 allows a local malicious user to execute arbitrary web scripts via a crafted payload injected into the dbhost, dbname, dbuser, adminusername and adminemail.
Intelliants Subrion Cms 4.2.1
4.8
CVSSv3
CVE-2018-16629
panel/uploads/#elf_l1_XA in Subrion CMS v4.2.1 allows XSS via an SVG file with JavaScript in a SCRIPT element.
Intelliants Subrion Cms 4.2.1
5.4
CVSSv3
CVE-2018-16631
Subrion CMS v4.2.1 allows XSS via the panel/configuration/general/ SITE TITLE parameter.
Intelliants Subrion Cms 4.2.1
6.1
CVSSv3
CVE-2019-11406
Subrion CMS 4.2.1 allows _core/en/contacts/ XSS via the name, email, or phone parameter.
Intelliants Subrion Cms 4.2.1
6.1
CVSSv3
CVE-2022-43120
A cross-site scripting (XSS) vulnerability in the /panel/fields/add component of Intelliants Subrion CMS v4.2.1 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Field default value text field.
Intelliants Subrion Cms 4.2.1
6.1
CVSSv3
CVE-2022-43121
A cross-site scripting (XSS) vulnerability in the CMS Field Add page of Intelliants Subrion CMS v4.2.1 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field.
Intelliants Subrion Cms 4.2.1
NA
CVE-2011-5211
Cross-site scripting (XSS) vulnerability in the poll module in Subrion CMS 2.0.4 allows remote malicious users to inject arbitrary web script or HTML via the title field. NOTE: some of these details are obtained from third party information. NOTE: this might overlap CVE-2012-5452...
Intelliants Subrion Cms 2.0.4
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »