Vulnerabilities > Intelliants > Subrion CMS > High

DATE CVE VULNERABILITY TITLE RISK
2022-04-04 CVE-2021-43464 Unspecified vulnerability in Intelliants Subrion CMS 4.2.1
A Remiote Code Execution (RCE) vulnerability exiss in Subrion CMS 4.2.1 via modified code in a background field; when the information is modified, the data in it will be executed through eval().
network
low complexity
intelliants
8.8
2022-03-04 CVE-2020-18326 Cross-Site Request Forgery (CSRF) vulnerability in Intelliants Subrion CMS 4.2.1
Cross Site Request Forgery (CSRF) vulnerability exists in Intelliants Subrion CMS v4.2.1 via the Members administrator function, which could let a remote unauthenticated malicious user send an authorised request to victim and successfully create an arbitrary administrator user.
network
low complexity
intelliants CWE-352
8.8
2021-10-08 CVE-2021-41947 SQL Injection vulnerability in Intelliants Subrion CMS 4.2.1
A SQL injection vulnerability exists in Subrion CMS v4.2.1 in the visual-mode.
network
low complexity
intelliants CWE-89
7.2
2020-11-10 CVE-2019-7357 Cross-Site Request Forgery (CSRF) vulnerability in Intelliants Subrion CMS 4.2.1
Subrion CMS 4.2.1 has CSRF in panel/modules/plugins/.
network
low complexity
intelliants CWE-352
8.8
2019-04-15 CVE-2017-18366 Cross-Site Request Forgery (CSRF) vulnerability in Intelliants Subrion CMS 4.1.5
Subrion CMS 4.1.5 has CSRF in blog/delete/.
network
low complexity
intelliants CWE-352
8.8
2018-11-21 CVE-2018-19422 Unrestricted Upload of File with Dangerous Type vulnerability in Intelliants Subrion CMS 4.2.1
/panel/uploads in Subrion CMS 4.2.1 allows remote attackers to execute arbitrary PHP code via a .pht or .phar file, because the .htaccess file omits these.
network
low complexity
intelliants CWE-434
7.2
2017-03-27 CVE-2017-6069 Cross-Site Request Forgery (CSRF) vulnerability in Intelliants Subrion CMS 4.0.5
Subrion CMS 4.0.5 has CSRF in admin/blog/add/.
network
low complexity
intelliants CWE-352
8.8
2017-03-27 CVE-2017-6068 Cross-Site Request Forgery (CSRF) vulnerability in Intelliants Subrion CMS 4.0.5
Subrion CMS 4.0.5 has CSRF in admin/blocks/add/.
network
low complexity
intelliants CWE-352
8.8
2017-03-27 CVE-2017-6066 Cross-Site Request Forgery (CSRF) vulnerability in Intelliants Subrion CMS 4.0.5
Subrion CMS 4.0.5 has CSRF in admin/languages/edit/1/.
network
low complexity
intelliants CWE-352
8.8
2017-03-27 CVE-2017-6002 Cross-Site Request Forgery (CSRF) vulnerability in Intelliants Subrion CMS 4.0.5.10
Subrion CMS 4.0.5.10 has CSRF in admin/blog/add/.
network
low complexity
intelliants CWE-352
8.8