6 matches found
CVE-2018-14840
creationtimestamp| type| source ---|---|--- 2018-08-06 14:41:21+00:00| seen| https://t.me/VulnerabilityNews/499...
Subrion CMS 4.2.1 - Cross-Site Scripting
Subrion CMS 4.2.1 - Cross-Site Scripting Exploit Title: Subrion CMS- 4.2.1 XSS Using component with known Vulnerability Date: 02-08-2018 Exploit Author: Zeel Chavda Vendor Homepage: https://subrion.org/ Software Link: https://subrion.org/download/ Version: 4.2.1 REQUIRED Tested on: Windows,FireFo...
Subrion CMS 4.2.1 Cross Site Scripting
Exploit Title: Subrion CMS- 4.2.1 XSS Using component with known Vulnerability Date: 02-08-2018 Exploit Author: Zeel Chavda Vendor Homepage: https://subrion.org/ Software Link: https://subrion.org/download/ Version: 4.2.1 REQUIRED Tested on: Windows,FireFox CVE : CVE-2018-14840 Steps: - 1. Create...
Subrion CMS 4.2.1 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Subrion CMS- 4.2.1 XSS Using component with known Vulnerability Exploit Author: Zeel Chavda Vendor Homepage: https://subrion.org/ Software Link: https://subrion.org/download/ Version: 4.2.1 REQUIRED Tested on: Windows,FireFox CV...
CVE-2018-14840
uploads/.htaccess in Subrion CMS 4.2.1 allows XSS because it does not block .html file uploads but does block, for example, .htm file uploads...
CVE-2018-14840
Subrion CMS 4.2.1 contains a Cross‑Site Scripting (XSS) vulnerability in uploads/.htaccess, where the app does not block .html uploads (while blocking .htm). An attacker can upload a .html file via CKEditor/manager and trigger XSS. Public exploit entries and a related commit reference support thi...