Vulnerabilities > Intelliants > Subrion > High

DATE CVE VULNERABILITY TITLE RISK
2023-11-03 CVE-2023-46947 Code Injection vulnerability in Intelliants Subrion 4.2.1
Subrion 4.2.1 has a remote command execution vulnerability in the backend.
network
low complexity
intelliants CWE-94
8.8
8.8
2021-07-14 CVE-2020-18155 SQL Injection vulnerability in Intelliants Subrion 4.2.1
SQL Injection vulnerability in Subrion CMS v4.2.1 in the search page if a website uses a PDO connection.
network
low complexity
intelliants CWE-89
7.5
7.5
2017-01-20 CVE-2017-5543 Code Injection vulnerability in Intelliants Subrion 4.0.5
includes/classes/ia.core.users.php in Subrion CMS 4.0.5 allows remote attackers to conduct PHP Object Injection attacks via crafted serialized data in a salt cookie in a login request.
network
low complexity
intelliants CWE-94
7.5
7.5