Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
intelliants vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-43830
A Cross-site scripting (XSS) vulnerability in /panel/configuration/financial/ of Subrion v4.2.1 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into several fields: 'Minimum deposit', 'Maximum deposit' and/or ...
Intelliants Subrion 4.2.1
NA
CVE-2010-4504
Multiple cross-site scripting (XSS) vulnerabilities in eSyndiCat Directory 2.3 allow remote malicious users to inject arbitrary web script or HTML via the title parameter to (1) suggest-category.php and (2) suggest-listing.php.
Intelliants Esyndicat 2.3
5.4
CVSSv3
CVE-2023-43884
A Cross-site scripting (XSS) vulnerability in Reference ID from the panel Transactions, of Subrion v4.2.1 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into 'Reference ID' parameter.
Intelliants Subrion 4.2.1
8.1
CVSSv3
CVE-2019-20390
A Cross-Site Request Forgery (CSRF) vulnerability exists in Subrion CMS 4.2.1 that allows a remote malicious user to remove files on the server without a victim's knowledge, by enticing an authenticated user to visit an attacker's web page. The application fails to vali...
Intelliants Subrion 4.2.1
9.8
CVSSv3
CVE-2017-11444
Subrion CMS prior to 4.1.5.10 has a SQL injection vulnerability in /front/search.php via the $_GET array.
Intelliants Subrion Cms
9.8
CVSSv3
CVE-2017-11445
Subrion CMS prior to 4.1.6 has a SQL injection vulnerability in /front/actions.php via the $_POST array.
Intelliants Subrion Cms
5.4
CVSSv3
CVE-2019-7356
Subrion CMS v4.2.1 allows XSS via the panel/phrases/ VALUE parameter.
Intelliants Subrion 4.2.1
6.1
CVSSv3
CVE-2018-14840
uploads/.htaccess in Subrion CMS 4.2.1 allows XSS because it does not block .html file uploads (but does block, for example, .htm file uploads).
Intelliants Subrion 4.2.1
1 EDB exploit
NA
CVE-2008-6924
Multiple cross-site scripting (XSS) vulnerabilities in register.php in eSyndiCat Directory 2.2 allow remote malicious users to inject arbitrary web script or HTML via the (1) username, (2) email, (3) password, (4) password2, (5) security_code, and (6) register parameters.
Intelliants Esyndicat 2.2
1 EDB exploit
9.8
CVSSv3
CVE-2020-18155
SQL Injection vulnerability in Subrion CMS v4.2.1 in the search page if a website uses a PDO connection.
Intelliants Subrion 4.2.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »