Vulnerability Details CVE-2024-25400
Subrion CMS 4.2.1 is vulnerable to SQL Injection via ia.core.mysqli.php. NOTE: this is disputed by multiple third parties because it refers to an HTTP request to a PHP file that only contains a class, without any mechanism for accepting external input, and the reportedly vulnerable method is not present in the file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.6%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2024-25400
-
cpe:2.3:a:intelliants:subrion:4.2.1