Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
intelliants subrion vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2015-4129
SQL injection vulnerability in Subrion CMS prior to 3.3.3 allows remote authenticated users to execute arbitrary SQL commands via modified serialized data in a salt cookie.
Intelliants Subrion Cms
NA
CVE-2023-43875
Multiple Cross-Site Scripting (XSS) vulnerabilities in installation of Subrion CMS v.4.2.1 allows a local malicious user to execute arbitrary web scripts via a crafted payload injected into the dbhost, dbname, dbuser, adminusername and adminemail.
Intelliants Subrion Cms 4.2.1
NA
CVE-2022-43120
A cross-site scripting (XSS) vulnerability in the /panel/fields/add component of Intelliants Subrion CMS v4.2.1 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Field default value text field.
Intelliants Subrion Cms 4.2.1
NA
CVE-2022-43121
A cross-site scripting (XSS) vulnerability in the CMS Field Add page of Intelliants Subrion CMS v4.2.1 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field.
Intelliants Subrion Cms 4.2.1
4.3
CVSSv2
CVE-2019-11406
Subrion CMS 4.2.1 allows _core/en/contacts/ XSS via the name, email, or phone parameter.
Intelliants Subrion Cms 4.2.1
3.5
CVSSv2
CVE-2018-16629
panel/uploads/#elf_l1_XA in Subrion CMS v4.2.1 allows XSS via an SVG file with JavaScript in a SCRIPT element.
Intelliants Subrion Cms 4.2.1
4.3
CVSSv2
CVE-2011-5211
Cross-site scripting (XSS) vulnerability in the poll module in Subrion CMS 2.0.4 allows remote malicious users to inject arbitrary web script or HTML via the title field. NOTE: some of these details are obtained from third party information. NOTE: this might overlap CVE-2012-5452...
Intelliants Subrion Cms 2.0.4
1 EDB exploit
NA
CVE-2022-37059
Cross Site Scripting (XSS) in Admin Panel of Subrion CMS 4.2.1 allows malicious user to inject arbitrary code via Login Field
Intelliants Subrion Cms 4.2.1
1 Github repository
6.8
CVSSv2
CVE-2019-7357
Subrion CMS 4.2.1 has CSRF in panel/modules/plugins/. The attacker can remotely activate/deactivate the plugins.
Intelliants Subrion Cms 4.2.1
4.3
CVSSv2
CVE-2020-18324
Cross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.1 via the q parameter in the Kickstart template.
Intelliants Subrion Cms 4.2.1
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »