Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
subrion vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-43828
A Cross-site scripting (XSS) vulnerability in /panel/languages/ of Subrion v4.2.1 allow malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into 'Title' parameter.
Intelliants Subrion 4.2.1
5.4
CVSSv3
CVE-2023-43830
A Cross-site scripting (XSS) vulnerability in /panel/configuration/financial/ of Subrion v4.2.1 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into several fields: 'Minimum deposit', 'Maximum deposit' and/or ...
Intelliants Subrion 4.2.1
5.4
CVSSv3
CVE-2023-43884
A Cross-site scripting (XSS) vulnerability in Reference ID from the panel Transactions, of Subrion v4.2.1 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into 'Reference ID' parameter.
Intelliants Subrion 4.2.1
8.1
CVSSv3
CVE-2019-20390
A Cross-Site Request Forgery (CSRF) vulnerability exists in Subrion CMS 4.2.1 that allows a remote malicious user to remove files on the server without a victim's knowledge, by enticing an authenticated user to visit an attacker's web page. The application fails to vali...
Intelliants Subrion 4.2.1
9.8
CVSSv3
CVE-2017-11444
Subrion CMS prior to 4.1.5.10 has a SQL injection vulnerability in /front/search.php via the $_GET array.
Intelliants Subrion Cms
9.8
CVSSv3
CVE-2017-11445
Subrion CMS prior to 4.1.6 has a SQL injection vulnerability in /front/actions.php via the $_POST array.
Intelliants Subrion Cms
5.4
CVSSv3
CVE-2019-7356
Subrion CMS v4.2.1 allows XSS via the panel/phrases/ VALUE parameter.
Intelliants Subrion 4.2.1
6.1
CVSSv3
CVE-2018-14840
uploads/.htaccess in Subrion CMS 4.2.1 allows XSS because it does not block .html file uploads (but does block, for example, .htm file uploads).
Intelliants Subrion 4.2.1
1 EDB exploit
9.8
CVSSv3
CVE-2020-18155
SQL Injection vulnerability in Subrion CMS v4.2.1 in the search page if a website uses a PDO connection.
Intelliants Subrion 4.2.1
4.8
CVSSv3
CVE-2018-16327
There is Stored XSS in Subrion 4.2.1 via the admin panel URL configuration.
Intelliants Subrion 4.2.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »