Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
intelliants subrion vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-46947
Subrion 4.2.1 has a remote command execution vulnerability in the backend.
Intelliants Subrion 4.2.1
NA
CVE-2011-5211
Cross-site scripting (XSS) vulnerability in the poll module in Subrion CMS 2.0.4 allows remote malicious users to inject arbitrary web script or HTML via the title field. NOTE: some of these details are obtained from third party information. NOTE: this might overlap CVE-2012-5452...
Intelliants Subrion Cms 2.0.4
1 EDB exploit
NA
CVE-2011-5212
SQL injection vulnerability in admin/index.php in Subrion CMS 2.0.4 allows remote malicious users to execute arbitrary SQL commands via the (1) user name or (2) password field.
Intelliants Subrion Cms 2.0.4
1 EDB exploit
NA
CVE-2012-5452
Multiple cross-site scripting (XSS) vulnerabilities in Subrion CMS 2.2.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) multi_title parameter to blocks/add/; (2) cost, (3) days, or (4) title[en] parameter to plans/add/; (5) name or (6) title[en] p...
Intelliants Subrion Cms 2.2.1
1 EDB exploit
8.8
CVSSv3
CVE-2017-6002
Subrion CMS 4.0.5.10 has CSRF in admin/blog/add/. The attacker can add any blog entry, and can optionally insert XSS into that entry via the body parameter.
Intelliants Subrion Cms 4.0.5.10
9.8
CVSSv3
CVE-2017-6013
Subrion CMS 4.0.5.10 has SQL injection in admin/database/ via the query parameter.
Intelliants Subrion Cms 4.0.5.10
8.8
CVSSv3
CVE-2017-6066
Subrion CMS 4.0.5 has CSRF in admin/languages/edit/1/. The attacker can perform any Edit Language action, and can optionally insert XSS via the title parameter.
Intelliants Subrion Cms 4.0.5
8.8
CVSSv3
CVE-2017-6068
Subrion CMS 4.0.5 has CSRF in admin/blocks/add/. The attacker can create any block, and can optionally insert XSS via the content parameter.
Intelliants Subrion Cms 4.0.5
8.8
CVSSv3
CVE-2017-6069
Subrion CMS 4.0.5 has CSRF in admin/blog/add/. The attacker can add any tag, and can optionally insert XSS via the tags parameter.
Intelliants Subrion Cms 4.0.5
7.2
CVSSv3
CVE-2018-19422
/panel/uploads in Subrion CMS 4.2.1 allows remote malicious users to execute arbitrary PHP code via a .pht or .phar file, because the .htaccess file omits these.
Intelliants Subrion Cms 4.2.1
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »