Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
subrion vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2017-6069
Subrion CMS 4.0.5 has CSRF in admin/blog/add/. The attacker can add any tag, and can optionally insert XSS via the tags parameter.
Intelliants Subrion Cms 4.0.5
9.8
CVSSv3
CVE-2017-6013
Subrion CMS 4.0.5.10 has SQL injection in admin/database/ via the query parameter.
Intelliants Subrion Cms 4.0.5.10
8.8
CVSSv3
CVE-2017-6066
Subrion CMS 4.0.5 has CSRF in admin/languages/edit/1/. The attacker can perform any Edit Language action, and can optionally insert XSS via the title parameter.
Intelliants Subrion Cms 4.0.5
8.8
CVSSv3
CVE-2017-6068
Subrion CMS 4.0.5 has CSRF in admin/blocks/add/. The attacker can create any block, and can optionally insert XSS via the content parameter.
Intelliants Subrion Cms 4.0.5
8.8
CVSSv3
CVE-2017-18366
Subrion CMS 4.1.5 has CSRF in blog/delete/.
Intelliants Subrion Cms 4.1.5
6.1
CVSSv3
CVE-2022-43120
A cross-site scripting (XSS) vulnerability in the /panel/fields/add component of Intelliants Subrion CMS v4.2.1 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Field default value text field.
Intelliants Subrion Cms 4.2.1
6.1
CVSSv3
CVE-2022-43121
A cross-site scripting (XSS) vulnerability in the CMS Field Add page of Intelliants Subrion CMS v4.2.1 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field.
Intelliants Subrion Cms 4.2.1
6.1
CVSSv3
CVE-2019-11406
Subrion CMS 4.2.1 allows _core/en/contacts/ XSS via the name, email, or phone parameter.
Intelliants Subrion Cms 4.2.1
NA
CVE-2011-5211
Cross-site scripting (XSS) vulnerability in the poll module in Subrion CMS 2.0.4 allows remote malicious users to inject arbitrary web script or HTML via the title field. NOTE: some of these details are obtained from third party information. NOTE: this might overlap CVE-2012-5452...
Intelliants Subrion Cms 2.0.4
1 EDB exploit
5.4
CVSSv3
CVE-2021-41502
An issue exists in Subrion CMS v4.2.1 There is a stored cross-site scripting (XSS) vulnerability that can execute malicious JavaScript code by modifying the name of the uploaded image, closing the html tag, or adding the onerror attribute.
Intelliants Subrion Cms 4.2.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »