Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
subrion subrion cms 4.2.1 vulnerabilities and exploits
(subscribe to this query)
606
VMScore
CVE-2019-7357
Subrion CMS 4.2.1 has CSRF in panel/modules/plugins/. The attacker can remotely activate/deactivate the plugins.
Intelliants Subrion Cms 4.2.1
NA
CVE-2022-37059
Cross Site Scripting (XSS) in Admin Panel of Subrion CMS 4.2.1 allows malicious user to inject arbitrary code via Login Field
Intelliants Subrion Cms 4.2.1
1 Github repository
383
VMScore
CVE-2019-11406
Subrion CMS 4.2.1 allows _core/en/contacts/ XSS via the name, email, or phone parameter.
Intelliants Subrion Cms 4.2.1
312
VMScore
CVE-2018-16629
panel/uploads/#elf_l1_XA in Subrion CMS v4.2.1 allows XSS via an SVG file with JavaScript in a SCRIPT element.
Intelliants Subrion Cms 4.2.1
312
VMScore
CVE-2018-16631
Subrion CMS v4.2.1 allows XSS via the panel/configuration/general/ SITE TITLE parameter.
Intelliants Subrion Cms 4.2.1
580
VMScore
CVE-2021-41947
A SQL injection vulnerability exists in Subrion CMS v4.2.1 in the visual-mode.
Intelliants Subrion Cms 4.2.1
578
VMScore
CVE-2021-43464
A Remiote Code Execution (RCE) vulnerability exiss in Subrion CMS 4.2.1 via modified code in a background field; when the information is modified, the data in it will be executed through eval().
Intelliants Subrion Cms 4.2.1
383
VMScore
CVE-2020-18325
Multilple Cross Site Scripting (XSS) vulnerability exists in Intelliants Subrion CMS v4.2.1 in the Configuration panel.
Intelliants Subrion Cms 4.2.1
1 Github repository
435
VMScore
CVE-2018-14840
uploads/.htaccess in Subrion CMS 4.2.1 allows XSS because it does not block .html file uploads (but does block, for example, .htm file uploads).
Intelliants Subrion 4.2.1
1 EDB exploit
312
VMScore
CVE-2019-7356
Subrion CMS v4.2.1 allows XSS via the panel/phrases/ VALUE parameter.
Intelliants Subrion 4.2.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »