Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
intelliants vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2012-4773
Multiple cross-site request forgery (CSRF) vulnerabilities in Subrion CMS prior to 2.2.3 allow remote malicious users to hijack the authentication of administrators for requests that add, delete, or modify sensitive information, as demonstrated by adding an administrator account ...
Intelliants Subrion Cms 2.0.4
Intelliants Subrion Cms
Intelliants Subrion Cms 2.2.1
Intelliants Subrion Cms 2.2.0
2 EDB exploits
4.3
CVSSv2
CVE-2012-4771
Multiple cross-site scripting (XSS) vulnerabilities in Subrion CMS prior to 2.2.3 allow remote malicious users to inject arbitrary web script or HTML via the id parameter to (1) admin/accounts/, (2) admin/manage/, or (3) admin/manage/blocks/edit/; or (4) group parameter to admin/...
Intelliants Subrion Cms 2.2.0
Intelliants Subrion Cms 2.0.4
Intelliants Subrion Cms
Intelliants Subrion Cms 2.2.1
1 EDB exploit
7.5
CVSSv2
CVE-2012-4772
SQL injection vulnerability in register/ in Subrion CMS prior to 2.2.3 allows remote malicious users to execute arbitrary SQL commands via the plan_id parameter.
Intelliants Subrion Cms 2.2.1
Intelliants Subrion Cms 2.2.0
Intelliants Subrion Cms 2.0.4
Intelliants Subrion Cms
1 EDB exploit
4.3
CVSSv2
CVE-2020-23761
Cross Site Scripting (XSS) vulnerability in subrion CMS Version <= 4.2.1 allows remote malicious users to execute arbitrary web script via the "payment gateway" column on transactions tab.
Intelliants Subrion
6.8
CVSSv2
CVE-2017-15063
There are CSRF vulnerabilities in Subrion CMS 4.1.x up to and including 4.1.5, and prior to 4.2.0, because of a logic error. Although there is functionality to detect CSRF, it is called too late in the ia.core.php code, allowing (for example) an attack against the query parameter...
Intelliants Subrion
4.3
CVSSv2
CVE-2014-9120
Cross-site scripting (XSS) vulnerability in Subrion CMS prior to 3.2.3 allows remote malicious users to inject arbitrary web script or HTML via the PATH_INFO to subrion/search/.
Intelliants Subrion
6.8
CVSSv2
CVE-2018-21037
Subrion CMS 4.1.5 (and possibly earlier versions) allow CSRF to change the administrator password via the panel/members/edit/1 URI.
Intelliants Subrion
5.5
CVSSv2
CVE-2020-12469
admin/blocks.php in Subrion CMS up to and including 4.2.1 allows PHP Object Injection (with resultant file deletion) via serialized data in the subpages value within a block to blocks/edit.
Intelliants Subrion
3.5
CVSSv2
CVE-2021-41948
A cross-site scripting (XSS) vulnerability exists in the "contact us" plugin for Subrion CMS <= 4.2.1 version via "List of subjects".
Intelliants Subrion
4.3
CVSSv2
CVE-2018-11317
Subrion CMS prior to 4.1.4 has XSS.
Intelliants Subrion
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654
CVE-2024-2757
authentication bypass
CVE-2024-3194
CVE-2024-33640
CVE-2024-21111
dos
insecure direct object reference
CVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »