intelliants/subrion Security Advisories for v4.0.3 (33)
-
[MEDIUM] Subrion CMS: Authenticated administrators are able to gain escalated access through Run SQL Query tool
PKSA-mw3q-qm9d-44tk CVE-2025-56556 GHSA-h8wv-vv58-468h
Affected version: <=4.2.1
Reported by:
GitHub -
[MEDIUM] Subrion CMS vulnerable to Cross Site Scripting
PKSA-3ngr-4r5n-bpmj CVE-2024-25399 GHSA-q4qh-8pxw-r48q
Affected version: <=4.2.1
Reported by:
GitHub -
[HIGH] Subrion remote command execution vulnerability
PKSA-44g7-64kg-2nzs CVE-2023-46947 GHSA-2x28-c7j7-23gv
Affected version: <=4.2.1
Reported by:
GitHub -
[MEDIUM] Subrion CMS vulnerable to Cross-site Scripting
PKSA-xkwf-6p2z-5wrj CVE-2023-43875 GHSA-646r-8fcc-p82r
Affected version: <=4.2.1
Reported by:
GitHub -
[MEDIUM] Subrion CMS Cross-site Scripting vulnerability
PKSA-tgcv-sc1y-r7m8 CVE-2023-43884 GHSA-7vff-rv2f-cj79
Affected version: <=4.2.1
Reported by:
GitHub -
[MEDIUM] Subrion CMS Cross-site Scripting vulnerability in /panel/languages
PKSA-xtyr-cq13-q44c CVE-2023-43828 GHSA-4w2j-wj9q-6wpx
Affected version: <=4.2.1
Reported by:
GitHub -
[MEDIUM] Subrion CMS XSS in /panel/configuration/financial/
PKSA-shpy-zp5t-xnb1 CVE-2023-43830 GHSA-q832-2275-rfqh
Affected version: <=4.2.1
Reported by:
GitHub -
[MEDIUM] Subrion CMS is vulnerable to Cross-Site Scripting (XSS)
PKSA-b1g4-jmk5-w854 CVE-2022-43120 GHSA-3wmg-28v9-8hf6
Affected version: <=4.2.1
Reported by:
GitHub -
[MEDIUM] Subrion CMS is vulnerable to Cross-Site Scripting (XSS)
PKSA-4fgz-rb6w-kzrx CVE-2022-43121 GHSA-jrvr-gmqv-hgrh
Affected version: <=4.2.1
Reported by:
GitHub -
[MEDIUM] Subrion CMS 4.2.1 vulnerable to cross-site scripting in admin panel
PKSA-dk41-tq18-rj5s CVE-2022-37059 GHSA-rh4r-9689-6xw4
Affected version: <=4.2.1
Reported by:
GitHub -
[MEDIUM] Cross site scripting in intelliants/subrion
PKSA-pn8z-dn6q-z3v8 CVE-2021-41502 GHSA-jvq4-cgfw-jgf4
Affected version: <=4.2.1
Reported by:
GitHub -
[MEDIUM] subrion CMS Cross Site Scripting (XSS) vulnerability
PKSA-t3s1-2jd6-mrr8 CVE-2020-23761 GHSA-xhc3-5pgf-p576
Affected version: <=4.2.1
Reported by:
GitHub -
[HIGH] Subrion CMS CSRF Vulnerability
PKSA-f4sb-96pw-8f4p CVE-2019-7357 GHSA-5mh2-82g9-72jv
Affected version: <=4.2.1
Reported by:
GitHub -
[MEDIUM] Subrion CMS XSS
PKSA-gvt2-sxsp-7d9z CVE-2019-20389 GHSA-xvgx-668j-f67p
Affected version: <=4.2.1
Reported by:
GitHub -
[MEDIUM] Subrion CMS PHP Object Injection
PKSA-ns4f-pmz3-89k4 CVE-2020-12469 GHSA-fmqq-hw9m-448q
Affected version: <=4.2.1
Reported by:
GitHub -
[HIGH] Subrion CMS CSRF Vulnerability
PKSA-d6c2-p1z3-s3r3 CVE-2018-21037 GHSA-g8j7-w673-4mjp
Affected version: <4.2.1
Reported by:
GitHub -
[MEDIUM] Subrion CMS XSS
PKSA-zsbc-44ms-5xyw CVE-2018-11317 GHSA-2cmg-vxvh-8h7h
Affected version: <4.1.4
Reported by:
GitHub -
[MEDIUM] Subrion CMS XSS
PKSA-ztsk-v4p5-v76r CVE-2018-14835 GHSA-c8mg-wp7h-f2pf
Affected version: <=4.2.1
Reported by:
GitHub -
[MEDIUM] Subrion Cross-site scripting (XSS) vulnerability
PKSA-53jr-cjgs-qynk CVE-2017-10795 GHSA-2xv7-fwh6-x7fc
Affected version: <=4.1.5
Reported by:
GitHub -
[MEDIUM] Subrion CMS Cross-site Scripting
PKSA-5mft-gwr6-7qgy CVE-2018-14840 GHSA-vhqr-3gr2-7px9
Affected version: <4.2.2
Reported by:
GitHub -
[MEDIUM] Subrion CMS Stored Cross-site Scripting (XSS)
PKSA-4f6c-1whh-1979 CVE-2018-15563 GHSA-6wc4-v4v5-3m82
Affected version: <=4.2.1
Reported by:
GitHub -
[MEDIUM] Subrion CMS XSS
PKSA-n3b4-jfx3-z34n CVE-2018-16629 GHSA-mxv3-qcmf-r6wj
Affected version: <=4.2.1
Reported by:
GitHub -
[HIGH] Subrion CMS vulnerable to CSRF in admin/blocks/add
PKSA-kwjp-pm49-r3h7 CVE-2017-6068 GHSA-q4h5-g3w8-f9x7
Affected version: <=4.0.5
Reported by:
GitHub -
[HIGH] Subrion CMS vulnerable to CSRF in blog/delete
PKSA-xnd9-kk6m-y87m CVE-2017-18366 GHSA-c939-g732-48r8
Affected version: <4.2.1
Reported by:
GitHub -
[HIGH] Subrion CMS RCE Vulnerability
PKSA-x326-wcv2-v9fr CVE-2018-19422 GHSA-73xj-v6gc-g5p5
Affected version: <=4.2.1
Reported by:
GitHub -
[MEDIUM] Subrion CMS Cross-site Scripting (XSS) vulnerability in the `contact us` plugin
PKSA-8vyx-z7hv-zp9k CVE-2021-41948 GHSA-jv64-2m3x-6v4q
Affected version: <=4.2.1
Reported by:
GitHub -
[HIGH] Remote code execution in Subrion
PKSA-ps3x-2zp6-z9pc CVE-2021-43464 GHSA-g54x-29xv-58h5
Affected version: <=4.2.1
Reported by:
GitHub -
[MEDIUM] Cross-site Scripting in intelliants/subrion
PKSA-yp37-4w18-q9by CVE-2020-18325 GHSA-pcwq-7wrw-r8jv
Affected version: <=4.2.1
Reported by:
GitHub -
[MEDIUM] Cross-site Scripting in Subrion CMS
PKSA-2whw-phcs-cg4c CVE-2020-18324 GHSA-xj7h-g7rh-gjcw
Affected version: <=4.2.1
Reported by:
GitHub -
[HIGH] Cross Site Request Forgery in intelliants/subrion
PKSA-vrjh-f8pb-xrmn CVE-2020-18326 GHSA-9cc3-5w85-pxvx
Affected version: <=4.2.1
Reported by:
GitHub -
[CRITICAL] SQL Injection in Subrion CMS
PKSA-5g65-c9d8-257c CVE-2020-18155 GHSA-7q44-gfvq-6g93
Affected version: <=4.2.1
Reported by:
GitHub -
[MEDIUM] Cross Site Scripting in Subrion CMS
PKSA-kysk-nzf4-sxcw CVE-2020-22392 GHSA-hxj6-v58r-cqv3
Affected version: <=4.2.1
Reported by:
GitHub -
[MEDIUM] Session Fixation in Subrion CMS
PKSA-gkwk-tk3b-nxqd CVE-2020-12467 GHSA-qpxw-6473-ppww
Affected version: <=4.2.1
Reported by:
GitHub