Vulnerabilities > Intelliants

DATE CVE VULNERABILITY TITLE RISK
2022-04-29 CVE-2021-41948 Cross-site Scripting vulnerability in Intelliants Subrion
A cross-site scripting (XSS) vulnerability exists in the "contact us" plugin for Subrion CMS <= 4.2.1 version via "List of subjects".
3.5
2022-04-04 CVE-2021-43464 Unspecified vulnerability in Intelliants Subrion CMS 4.2.1
A Remiote Code Execution (RCE) vulnerability exiss in Subrion CMS 4.2.1 via modified code in a background field; when the information is modified, the data in it will be executed through eval().
network
low complexity
intelliants
6.5
2022-03-04 CVE-2020-18324 Cross-site Scripting vulnerability in Intelliants Subrion CMS 4.2.1
Cross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.1 via the q parameter in the Kickstart template.
4.3
2022-03-04 CVE-2020-18325 Cross-site Scripting vulnerability in Intelliants Subrion CMS 4.2.1
Multilple Cross Site Scripting (XSS) vulnerability exists in Intelliants Subrion CMS v4.2.1 in the Configuration panel.
4.3
2022-03-04 CVE-2020-18326 Cross-Site Request Forgery (CSRF) vulnerability in Intelliants Subrion CMS 4.2.1
Cross Site Request Forgery (CSRF) vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user.
6.8
2022-02-24 CVE-2021-43724 Cross-site Scripting vulnerability in Intelliants Subrion CMS
A Cross Site Scripting (XSS) vulnerability exits in Subrion CMS through 4.2.1 in the Create Page functionality of the admin Account via a SGV file.
3.5
2021-10-08 CVE-2021-41947 SQL Injection vulnerability in Intelliants Subrion CMS 4.2.1
A SQL injection vulnerability exists in Subrion CMS v4.2.1 in the visual-mode.
network
low complexity
intelliants CWE-89
6.5
2021-08-06 CVE-2020-22330 Cross-site Scripting vulnerability in Intelliants Subrion 4.2.1
Cross-Site Scripting (XSS) vulnerability in Subrion 4.2.1 via the title when adding a page.
4.3
2021-08-05 CVE-2020-22392 Cross-site Scripting vulnerability in Intelliants Subrion CMS 4.2.2
Cross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.2 when adding a blog and then editing an image file.
3.5
2021-07-14 CVE-2020-18155 SQL Injection vulnerability in Intelliants Subrion 4.2.1
SQL Injection vulnerability in Subrion CMS v4.2.1 in the search page if a website uses a PDO connection.
network
low complexity
intelliants CWE-89
7.5