Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Subrion Cms Security Vulnerabilities

cve
cve

CVE-2023-43875

Multiple Cross-Site Scripting (XSS) vulnerabilities in installation of Subrion CMS v.4.2.1 allows a local attacker to execute arbitrary web scripts via a crafted payload injected into the dbhost, dbname, dbuser, adminusername and...

6.1CVSS

6.2AI Score

0.0005EPSS

2023-10-19 10:15 PM
20
cve
cve

CVE-2022-43120

A cross-site scripting (XSS) vulnerability in the /panel/fields/add component of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Field default value text...

6.1CVSS

5.8AI Score

0.001EPSS

2022-11-09 04:15 PM
43
6
cve
cve

CVE-2022-43121

A cross-site scripting (XSS) vulnerability in the CMS Field Add page of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text...

6.1CVSS

5.9AI Score

0.001EPSS

2022-11-09 04:15 PM
42
6
cve
cve

CVE-2022-37059

Cross Site Scripting (XSS) in Admin Panel of Subrion CMS 4.2.1 allows attacker to inject arbitrary code via Login...

4.8CVSS

5AI Score

0.001EPSS

2022-08-29 01:15 PM
45
11
cve
cve

CVE-2021-41502

An issue was discovered in Subrion CMS v4.2.1 There is a stored cross-site scripting (XSS) vulnerability that can execute malicious JavaScript code by modifying the name of the uploaded image, closing the html tag, or adding the onerror...

5.4CVSS

5.3AI Score

0.001EPSS

2022-06-11 02:15 PM
62
9
cve
cve

CVE-2021-43464

A Remiote Code Execution (RCE) vulnerability exiss in Subrion CMS 4.2.1 via modified code in a background field; when the information is modified, the data in it will be executed through...

8.8CVSS

8.7AI Score

0.001EPSS

2022-04-04 06:15 PM
74
cve
cve

CVE-2020-18325

Multilple Cross Site Scripting (XSS) vulnerability exists in Intelliants Subrion CMS v4.2.1 in the Configuration...

6.1CVSS

5.9AI Score

0.001EPSS

2022-03-04 03:15 PM
53
cve
cve

CVE-2020-18324

Cross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.1 via the q parameter in the Kickstart...

6.1CVSS

6AI Score

0.001EPSS

2022-03-04 03:15 PM
49
cve
cve

CVE-2020-18326

Cross Site Request Forgery (CSRF) vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator...

8.8CVSS

8.8AI Score

0.002EPSS

2022-03-04 03:15 PM
44
cve
cve

CVE-2021-43724

A Cross Site Scripting (XSS) vulnerability exits in Subrion CMS through 4.2.1 in the Create Page functionality of the admin Account via a SGV...

4.8CVSS

4.8AI Score

0.001EPSS

2022-02-24 03:15 PM
51
cve
cve

CVE-2021-41947

A SQL injection vulnerability exists in Subrion CMS v4.2.1 in the...

7.2CVSS

7.2AI Score

0.001EPSS

2021-10-08 01:15 PM
20
cve
cve

CVE-2020-22392

Cross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.2 when adding a blog and then editing an image...

5.4CVSS

5.2AI Score

0.001EPSS

2021-08-05 10:15 PM
72
4