Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
intelliants subrion vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2020-12468
Subrion CMS 4.2.1 allows CSV injection via a phrase value within a language. This is related to phrases/add/ and languages/download/.
Intelliants Subrion 4.2.1
670
VMScore
CVE-2017-11444
Subrion CMS prior to 4.1.5.10 has a SQL injection vulnerability in /front/search.php via the $_GET array.
Intelliants Subrion Cms
668
VMScore
CVE-2017-11445
Subrion CMS prior to 4.1.6 has a SQL injection vulnerability in /front/actions.php via the $_POST array.
Intelliants Subrion Cms
312
VMScore
CVE-2019-7356
Subrion CMS v4.2.1 allows XSS via the panel/phrases/ VALUE parameter.
Intelliants Subrion 4.2.1
383
VMScore
CVE-2018-15563
_core/admin/pages/add/ in Subrion CMS 4.2.1 has XSS via the titles[en] parameter.
Intelliants Subrion 4.2.1
570
VMScore
CVE-2020-12467
Subrion CMS 4.2.1 allows session fixation via an alphanumeric value in a session cookie.
Intelliants Subrion 4.2.1
312
VMScore
CVE-2018-16327
There is Stored XSS in Subrion 4.2.1 via the admin panel URL configuration.
Intelliants Subrion 4.2.1
668
VMScore
CVE-2020-18155
SQL Injection vulnerability in Subrion CMS v4.2.1 in the search page if a website uses a PDO connection.
Intelliants Subrion 4.2.1
383
VMScore
CVE-2017-10795
Cross-site scripting (XSS) vulnerability in Subrion CMS 4.1.4 allows remote malicious users to inject arbitrary web script or HTML via the body to blog/add/, a different vulnerability than CVE-2017-6069.
Intelliants Subrion 4.1.4
383
VMScore
CVE-2019-20389
An XSS issue was identified on the Subrion CMS 4.2.1 /panel/configuration/general settings page. A remote attacker can inject arbitrary JavaScript code in the v[language_switch] parameter (within multipart/form-data), which is reflected back within a user's browser without p...
Intelliants Subrion 4.2.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »