Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
intelliants subrion vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2020-18325
Multilple Cross Site Scripting (XSS) vulnerability exists in Intelliants Subrion CMS v4.2.1 in the Configuration panel.
Intelliants Subrion Cms 4.2.1
1 Github repository
8.8
CVSSv3
CVE-2020-18326
Cross Site Request Forgery (CSRF) vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user.
Intelliants Subrion Cms 4.2.1
1 Github repository
7.2
CVSSv3
CVE-2018-19422
/panel/uploads in Subrion CMS 4.2.1 allows remote malicious users to execute arbitrary PHP code via a .pht or .phar file, because the .htaccess file omits these.
Intelliants Subrion Cms 4.2.1
2 Github repositories
9.8
CVSSv3
CVE-2017-6013
Subrion CMS 4.0.5.10 has SQL injection in admin/database/ via the query parameter.
Intelliants Subrion Cms 4.0.5.10
8.8
CVSSv3
CVE-2017-6066
Subrion CMS 4.0.5 has CSRF in admin/languages/edit/1/. The attacker can perform any Edit Language action, and can optionally insert XSS via the title parameter.
Intelliants Subrion Cms 4.0.5
8.8
CVSSv3
CVE-2017-6068
Subrion CMS 4.0.5 has CSRF in admin/blocks/add/. The attacker can create any block, and can optionally insert XSS via the content parameter.
Intelliants Subrion Cms 4.0.5
5.4
CVSSv3
CVE-2020-22392
Cross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.2 when adding a blog and then editing an image file.
Intelliants Subrion Cms 4.2.2
8.8
CVSSv3
CVE-2017-6002
Subrion CMS 4.0.5.10 has CSRF in admin/blog/add/. The attacker can add any blog entry, and can optionally insert XSS into that entry via the body parameter.
Intelliants Subrion Cms 4.0.5.10
6.1
CVSSv3
CVE-2020-35437
Subrion CMS 4.2.1 is affected by: Cross Site Scripting (XSS) through the avatar[path] parameter in a POST request to the /_core/profile/ URI.
Intelliants Subrion Cms 4.2.1
8.8
CVSSv3
CVE-2017-18366
Subrion CMS 4.1.5 has CSRF in blog/delete/.
Intelliants Subrion Cms 4.1.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »