Show filters
59 Total Results
Displaying 31-40 of 59
Sort by:
Attacker Value
Unknown
CVE-2018-11317
Disclosure Date: July 03, 2019 (last updated November 27, 2024)
Subrion CMS before 4.1.4 has XSS.
0
Attacker Value
Unknown
CVE-2019-11406
Disclosure Date: May 08, 2019 (last updated November 27, 2024)
Subrion CMS 4.2.1 allows _core/en/contacts/ XSS via the name, email, or phone parameter.
0
Attacker Value
Unknown
CVE-2017-18366
Disclosure Date: April 15, 2019 (last updated November 27, 2024)
Subrion CMS 4.1.5 has CSRF in blog/delete/.
0
Attacker Value
Unknown
CVE-2018-16631
Disclosure Date: December 04, 2018 (last updated November 27, 2024)
Subrion CMS v4.2.1 allows XSS via the panel/configuration/general/ SITE TITLE parameter.
0
Attacker Value
Unknown
CVE-2018-16629
Disclosure Date: December 04, 2018 (last updated November 27, 2024)
panel/uploads/#elf_l1_XA in Subrion CMS v4.2.1 allows XSS via an SVG file with JavaScript in a SCRIPT element.
0
Attacker Value
Unknown
CVE-2018-19422
Disclosure Date: November 21, 2018 (last updated November 27, 2024)
/panel/uploads in Subrion CMS 4.2.1 allows remote attackers to execute arbitrary PHP code via a .pht or .phar file, because the .htaccess file omits these.
0
Attacker Value
Unknown
CVE-2018-15563
Disclosure Date: October 02, 2018 (last updated November 27, 2024)
_core/admin/pages/add/ in Subrion CMS 4.2.1 has XSS via the titles[en] parameter.
0
Attacker Value
Unknown
CVE-2018-16327
Disclosure Date: September 01, 2018 (last updated November 27, 2024)
There is Stored XSS in Subrion 4.2.1 via the admin panel URL configuration.
0
Attacker Value
Unknown
CVE-2018-14840
Disclosure Date: August 02, 2018 (last updated November 27, 2024)
uploads/.htaccess in Subrion CMS 4.2.1 allows XSS because it does not block .html file uploads (but does block, for example, .htm file uploads).
0
Attacker Value
Unknown
CVE-2018-14835
Disclosure Date: August 02, 2018 (last updated November 27, 2024)
Subrion CMS v4.2.1 is vulnerable to Stored XSS because of no escaping added to the tooltip information being displayed in multiple areas.
0
