Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
subrion vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-23761
Cross Site Scripting (XSS) vulnerability in subrion CMS Version <= 4.2.1 allows remote malicious users to execute arbitrary web script via the "payment gateway" column on transactions tab.
Intelliants Subrion
4.3
CVSSv2
CVE-2018-11317
Subrion CMS prior to 4.1.4 has XSS.
Intelliants Subrion
6.5
CVSSv2
CVE-2015-4129
SQL injection vulnerability in Subrion CMS prior to 3.3.3 allows remote authenticated users to execute arbitrary SQL commands via modified serialized data in a salt cookie.
Intelliants Subrion Cms
7.5
CVSSv2
CVE-2017-5543
includes/classes/ia.core.users.php in Subrion CMS 4.0.5 allows remote malicious users to conduct PHP Object Injection attacks via crafted serialized data in a salt cookie in a login request.
Intelliants Subrion 4.0.5
4.3
CVSSv2
CVE-2018-15563
_core/admin/pages/add/ in Subrion CMS 4.2.1 has XSS via the titles[en] parameter.
Intelliants Subrion 4.2.1
6.4
CVSSv2
CVE-2020-12467
Subrion CMS 4.2.1 allows session fixation via an alphanumeric value in a session cookie.
Intelliants Subrion 4.2.1
6.8
CVSSv2
CVE-2020-12468
Subrion CMS 4.2.1 allows CSV injection via a phrase value within a language. This is related to phrases/add/ and languages/download/.
Intelliants Subrion 4.2.1
3.5
CVSSv2
CVE-2019-17225
Subrion 4.2.1 allows XSS via the panel/members/ Username, Full Name, or Email field, aka an "Admin Member JSON Update" issue.
Intelliants Subrion 4.2.1
1 EDB exploit
4.3
CVSSv2
CVE-2020-22330
Cross-Site Scripting (XSS) vulnerability in Subrion 4.2.1 via the title when adding a page.
Intelliants Subrion 4.2.1
4.3
CVSSv2
CVE-2017-10795
Cross-site scripting (XSS) vulnerability in Subrion CMS 4.1.4 allows remote malicious users to inject arbitrary web script or HTML via the body to blog/add/, a different vulnerability than CVE-2017-6069.
Intelliants Subrion 4.1.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »