VYPR

Subrion CMS

by Intelliants

Source repositories

CVEs (29)

  • CVE-2022-43121Nov 9, 2022
    risk 0.00cvss epss 0.01

    A cross-site scripting (XSS) vulnerability in the CMS Field Add page of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field.

  • CVE-2021-43724Feb 23, 2022
    risk 0.00cvss epss 0.00

    A Cross Site Scripting (XSS) vulnerability exits in Subrion CMS through 4.2.1 in the Create Page functionality of the admin Account via a SGV file.

  • CVE-2021-41947Oct 8, 2021
    risk 0.00cvss epss 0.01

    A SQL injection vulnerability exists in Subrion CMS v4.2.1 in the visual-mode.

  • CVE-2019-7356Nov 4, 2020
    risk 0.00cvss epss 0.01

    Subrion CMS v4.2.1 allows XSS via the panel/phrases/ VALUE parameter.

  • CVE-2019-11406May 8, 2019
    risk 0.00cvss epss 0.01

    Subrion CMS 4.2.1 allows _core/en/contacts/ XSS via the name, email, or phone parameter.

  • CVE-2017-18366Apr 12, 2019
    risk 0.00cvss epss 0.01

    Subrion CMS 4.1.5 has CSRF in blog/delete/.

  • CVE-2018-16631Dec 4, 2018
    risk 0.00cvss epss 0.01

    Subrion CMS v4.2.1 allows XSS via the panel/configuration/general/ SITE TITLE parameter.

  • CVE-2015-4129Jul 5, 2015
    risk 0.00cvss epss 0.01

    SQL injection vulnerability in Subrion CMS before 3.3.3 allows remote authenticated users to execute arbitrary SQL commands via modified serialized data in a salt cookie.

  • CVE-2014-9120Dec 10, 2014
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in Subrion CMS before 3.2.3 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to subrion/search/.

Page 2 of 2