56 matches found
Subrion CMS <4.1.5.10 - SQL Injection
Subrion CMS before 4.1.5.10 has a SQL injection vulnerability in /front/search.php via the $GET array. id: CVE-2017-11444 info: name: Subrion CMS 4.1.5.10 - SQL Injection author: dwisiswant0 severity: critical description: "Subrion CMS before 4.1.5.10 has a SQL injection vulnerability in...
EUVD-2022-1393
Malicious code in bioql PyPI...
EUVD-2022-1496
Malicious code in bioql PyPI...
CVE-2022-43121
A cross-site scripting XSS vulnerability in the CMS Field Add page of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field...
CVE-2020-18326
Cross Site Request Forgery CSRF vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user...
CVE-2020-18325
Multilple Cross Site Scripting XSS vulnerability exists in Intelliants Subrion CMS v4.2.1 in the Configuration panel...
Subrion CMS 4.2.1 - Stored Cross-Site Scripting Vulnerability
Exploit Title: Subrion CMS 4.2.1 - Stored Cross-Site Scripting XSS Exploit Author: Sinem Şahin Vendor Homepage: https://intelliants.com/ Version: 4.2.1 Tested on: Windows & XAMPP == Tutorial http://HOST/panel/fields/add 2- Write XSS Payload into the tooltip value of the field add page. 3- Press...
Subrion CMS 4.2.1 Cross Site Scripting
Exploit Title: Subrion CMS 4.2.1 - Stored Cross-Site Scripting XSS Date: 2022-08-10 Exploit Author: Sinem Şahin Vendor Homepage: https://intelliants.com/ Version: 4.2.1 Tested on: Windows & XAMPP == Tutorial http://HOST/panel/fields/add 2- Write XSS Payload into the tooltip value of the field add...
Subrion CMS 4.2.1 - Stored Cross-Site Scripting (XSS)
Exploit Title: Subrion CMS 4.2.1 - Stored Cross-Site Scripting XSS Date: 2022-08-10 Exploit Author: Sinem Şahin Vendor Homepage: https://intelliants.com/ Version: 4.2.1 Tested on: Windows & XAMPP == Tutorial http://HOST/panel/fields/add 2- Write XSS Payload into the tooltip value of the field add...
Cross-Site Scripting (XSS)
intelliants/subrion is vulnerable to cross-site scripting. The vulnerability exists due to lack of sanitization in admin-controllable input caused by the assignValues function of fields.php, which allows an attacker to inject and execute malicious HTML and script code into the web site via the...
Cross site scripting
A cross-site scripting XSS vulnerability in the CMS Field Add page of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field...
CVE-2022-43121
A cross-site scripting XSS vulnerability in the CMS Field Add page of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field...
CVE-2022-43121
A cross-site scripting XSS vulnerability in the CMS Field Add page of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field...
CVE-2022-43121
A cross-site scripting XSS vulnerability in the CMS Field Add page of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field...
CVE-2022-43120
Consolidated details across multiple sources confirm a cross-site scripting (XSS) vulnerability in Subrion CMS v4.2.1, specifically in the /panel/fields/add component. The vulnerability allows an attacker to inject and execute arbitrary web scripts or HTML via a crafted payload placed into the Fi...
CVE-2022-43120
A cross-site scripting XSS vulnerability in the /panel/fields/add component of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Field default value text field...
CVE-2022-43120
A cross-site scripting XSS vulnerability in the /panel/fields/add component of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Field default value text field...
Cross-Site Scripting (XSS)
intelliants/subrion is vulnerable to cross-site scripting. The vulnerability exists due to lack of validations when editing a blog entry which allows an attacker to modify the name of the uploaded images and execute arbitrary javascript...
GHSA-9CC3-5W85-PXVX Cross Site Request Forgery in intelliants/subrion
Cross Site Request Forgery CSRF vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user...
Cross-site Scripting in intelliants/subrion
Multilple Cross Site Scripting XSS vulnerability exists in Intelliants Subrion CMS v4.2.1 in the Configuration panel...