Intelliants Subrion vulnerabilities
44 known vulnerabilities affecting intelliants/subrion.
Total CVEs
44
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH11MEDIUM30
Vulnerabilities
Page 3 of 3
CVE-2025-56556P4MEDIUM≥ 0, ≤ 4.2.12025-09-11
CVE-2025-56556 [MEDIUM] CWE-566 Subrion CMS: Authenticated administrators are able to gain escalated access through Run SQL Query tool
Subrion CMS: Authenticated administrators are able to gain escalated access through Run SQL Query tool
An issue was discovered in Subrion CMS 4.2.1, allowing authenticated adminitrators or moderators with access to the built-in Run SQL Query feature under the SQL Tool admin panel — to gain escalated privileges in the context of the SQL query tool.
ghsaosv
CVE-2022-37059P4MEDIUM≥ 0, ≤ 4.2.12022-08-29
CVE-2022-37059 [MEDIUM] CWE-79 Subrion CMS 4.2.1 vulnerable to cross-site scripting in admin panel
Subrion CMS 4.2.1 vulnerable to cross-site scripting in admin panel
Cross Site Scripting (XSS) in the Admin Panel of Subrion CMS 4.2.1 allows attacker to inject arbitrary code via the Login Field.
ghsaosv
CVE-2018-11317MEDIUM≥ 0, < 4.1.42022-05-24
CVE-2018-11317 [MEDIUM] CWE-79 Subrion CMS XSS
Subrion CMS XSS
Subrion CMS before 4.1.4 has XSS.
ghsaosv
CVE-2017-18366HIGH≥ 0, < 4.2.12022-05-14
CVE-2017-18366 [HIGH] CWE-352 Subrion CMS vulnerable to CSRF in blog/delete
Subrion CMS vulnerable to CSRF in blog/delete
Subrion CMS is vulnerable to cross-site request forgery in `blog/delete/`. This has been patched in version 4.2.1.
ghsaosv
← Previous3 / 3