Subrion CMS version 2.2.1 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.