39 matches found
EUVD-2022-1393
Malicious code in bioql PyPI...
EUVD-2022-1496
Malicious code in bioql PyPI...
CVE-2022-43121
A cross-site scripting XSS vulnerability in the CMS Field Add page of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field...
CVE-2020-18326
Cross Site Request Forgery CSRF vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user...
CVE-2020-18325
Multilple Cross Site Scripting XSS vulnerability exists in Intelliants Subrion CMS v4.2.1 in the Configuration panel...
Cross-Site Scripting (XSS)
intelliants/subrion is vulnerable to cross-site scripting. The vulnerability exists due to lack of sanitization in admin-controllable input caused by the assignValues function of fields.php, which allows an attacker to inject and execute malicious HTML and script code into the web site via the...
Cross site scripting
A cross-site scripting XSS vulnerability in the CMS Field Add page of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field...
CVE-2022-43121
A cross-site scripting XSS vulnerability in the CMS Field Add page of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field...
CVE-2022-43121
A cross-site scripting XSS vulnerability in the CMS Field Add page of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field...
CVE-2022-43120
Consolidated details across multiple sources confirm a cross-site scripting (XSS) vulnerability in Subrion CMS v4.2.1, specifically in the /panel/fields/add component. The vulnerability allows an attacker to inject and execute arbitrary web scripts or HTML via a crafted payload placed into the Fi...
CVE-2022-43120
A cross-site scripting XSS vulnerability in the /panel/fields/add component of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Field default value text field...
CVE-2022-43120
A cross-site scripting XSS vulnerability in the /panel/fields/add component of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Field default value text field...
CVE-2022-43121
A cross-site scripting XSS vulnerability in the CMS Field Add page of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field...
Cross-Site Scripting (XSS)
intelliants/subrion is vulnerable to cross-site scripting. The vulnerability exists due to lack of validations when editing a blog entry which allows an attacker to modify the name of the uploaded images and execute arbitrary javascript...
GHSA-9CC3-5W85-PXVX Cross Site Request Forgery in intelliants/subrion
Cross Site Request Forgery CSRF vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user...
Cross-site Scripting in intelliants/subrion
Multilple Cross Site Scripting XSS vulnerability exists in Intelliants Subrion CMS v4.2.1 in the Configuration panel...
Cross Site Request Forgery in intelliants/subrion
Cross Site Request Forgery CSRF vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user...
CVE-2020-18326
Cross Site Request Forgery CSRF vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user...
CVE-2020-18326
Cross Site Request Forgery CSRF vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user...
Cross site scripting
Multilple Cross Site Scripting XSS vulnerability exists in Intelliants Subrion CMS v4.2.1 in the Configuration panel...