6 matches found
CVE-2012-4772
Subrion CMS prior to 2.2.3 contains a SQL Injection in the /register/ path (parameter plan_id) that allows remote attackers to alter SQL queries and potentially compromise the system. The vulnerability (CVE-2012-4772) is described in multiple sources as a classic injection through the plan_id fie...
subrion CMS 2.2.1 - Multiple Vulnerabilities
subrion CMS 2.2.1 - Multiple Vulnerabilities Advisory ID: HTB23113 Product: Subrion CMS Vendor: The Subrion development team Vulnerable Versions: 2.2.1 and probably prior Tested Version: 2.2.1 Vendor Notification: September 5, 2012 Public Disclosure: October 17, 2012 Vulnerability Type: SQL...
Multiple vulnerabilities in Subrion CMS
Advisory ID: HTB23113 Product: Subrion CMS Vendor: The Subrion development team Vulnerable Versions: 2.2.1 and probably prior Tested Version: 2.2.1 Vendor Notification: September 5, 2012 Public Disclosure: October 17, 2012 Vulnerability Type: SQL Injection CWE-89, Cross-Site Scripting CWE-79,...
subrion CMS 2.2.1 - Multiple Vulnerabilities
Advisory ID: HTB23113 Product: Subrion CMS Vendor: The Subrion development team Vulnerable Versions: 2.2.1 and probably prior Tested Version: 2.2.1 Vendor Notification: September 5, 2012 Public Disclosure: October 17, 2012 Vulnerability Type: SQL Injection CWE-89, Cross-Site Scripting CWE-79,...
Subrion CMS 2.2.1 XSS / CSRF / SQL Injection
Advisory ID: HTB23113 Product: Subrion CMS Vendor: The Subrion development team Vulnerable Versions: 2.2.1 and probably prior Tested Version: 2.2.1 Vendor Notification: September 5, 2012 Public Disclosure: October 17, 2012 Vulnerability Type: SQL Injection CWE-89, Cross-Site Scripting CWE-79,...
Subrion CMS 2.2.1 XSS / CSRF / SQL Injection
-------------------- Product: Subrion CMS Vendor: The Subrion development team Vulnerable Versions: 2.2.1 and probably prior Tested Version: 2.2.1 Vendor Notification: September 5, 2012 Public Disclosure: October 17, 2012 Vulnerability Type: SQL Injection CWE-89, Cross-Site Scripting CWE-79,...