
CVE-2020-18326

Published: 04/03/2022 Updated: 11/03/2022
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

A Cross Site Request Forgery (CSRF) vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to a victim and successfully create an arbitrary administrator user.

Vulnerable Product

intelliants subrion cms 4.2.1

Github Repositories

Exploit PoC for CVE-2020-18326

Subrion CMS 4.2.1 - Cross Site Request Forgery (CSRF) (Add Administrator user)

Description: Subrion CMS is easy to install and simple to manage. Use it as a stand-alone application or in conjunction with other applications to create entry level sites, mid-sized or large sites. Cross Site Request Forgery (CSRF) vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Member