Known Vulnerabilities for Subrion by Intelliants
Listed below are 10 of the newest known vulnerabilities associated with "Subrion" by "Intelliants".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2023-46947 json | Subrion 4.2.1 has a remote command execution vulnerability in the backend. | 8.8 - HIGH | 2023-11-03 | 2023-11-13 |
| CVE-2023-43884 json | A Cross-site scripting (XSS) vulnerability in Reference ID from the panel Transactions, of Subrion v4.2.1 allows attackers to... | 5.4 - MEDIUM | 2023-09-28 | 2023-09-29 |
| CVE-2023-43830 json | A Cross-site scripting (XSS) vulnerability in /panel/configuration/financial/ of Subrion v4.2.1 allows attackers to execute a... | 5.4 - MEDIUM | 2023-09-27 | 2023-09-28 |
| CVE-2023-43828 json | A Cross-site scripting (XSS) vulnerability in /panel/languages/ of Subrion v4.2.1 allow attackers to execute arbitrary web sc... | 5.4 - MEDIUM | 2023-09-27 | 2023-09-28 |
| CVE-2021-41948 json | A cross-site scripting (XSS) vulnerability exists in the "contact us" plugin for Subrion CMS <= 4.2.1 version via "List of su... | 5.4 - MEDIUM | 2022-04-29 | 2022-05-10 |
| CVE-2020-23761 json | Cross Site Scripting (XSS) vulnerability in subrion CMS Version <= 4.2.1 allows remote attackers to execute arbitrary web scr... | 6.1 - MEDIUM | 2021-04-09 | 2021-04-13 |
| CVE-2020-22330 json | Cross-Site Scripting (XSS) vulnerability in Subrion 4.2.1 via the title when adding a page. | 6.1 - MEDIUM | 2021-08-06 | 2021-08-12 |
| CVE-2020-18155 json | SQL Injection vulnerability in Subrion CMS v4.2.1 in the search page if a website uses a PDO connection. | 9.8 - CRITICAL | 2021-07-14 | 2021-07-29 |
| CVE-2020-12469 json | admin/blocks.php in Subrion CMS through 4.2.1 allows PHP Object Injection (with resultant file deletion) via serialized data ... | 6.5 - MEDIUM | 2020-04-29 | 2020-05-05 |
| CVE-2020-12468 json | Subrion CMS 4.2.1 allows CSV injection via a phrase value within a language. This is related to phrases/add/ and languages/do... | 7.8 - HIGH | 2020-04-29 | 2020-05-01 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Intelliants | Subrion | 4.2.1 | |||
| Application | Intelliants | Subrion | 4.2.0 | |||
| Application | Intelliants | Subrion | 4.1.5 | |||
| Application | Intelliants | Subrion | 4.1.4 | |||
| Application | Intelliants | Subrion | 4.1.3 | |||
| Application | Intelliants | Subrion | 4.1.2 | |||
| Application | Intelliants | Subrion | 4.1.1 | |||
| Application | Intelliants | Subrion | 4.1.0 | |||
| Application | Intelliants | Subrion | 4.0.5 | |||
| Application | Intelliants | Subrion | 4.0.4 | |||
| Application | Intelliants | Subrion | 4.0.3 | |||
| Application | Intelliants | Subrion | 4.0.2 | |||
| Application | Intelliants | Subrion | 4.0.1 | |||
| Application | Intelliants | Subrion | 4.0.0 | |||
| Application | Intelliants | Subrion | 3.3.5 | |||
| Application | Intelliants | Subrion | 3.3.4 | |||
| Application | Intelliants | Subrion | 3.3.3 | |||
| Application | Intelliants | Subrion | 3.3.2 | |||
| Application | Intelliants | Subrion | 3.3.1 | |||
| Application | Intelliants | Subrion | 3.3.0 |