Shodan
Vulnerabilities
Vulnerable Software
Intelliants:  >> Subrion Cms  Security Vulnerabilities
CVE-2025-56556
An issue was discovered in Subrion CMS 4.2.1, allowing authenticated adminitrators or moderators with access to the built-in Run SQL Query feature under the SQL Tool admin panel - to gain escalated privileges in the context of the SQL query tool.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-09-11
CVE-2024-25399
Subrion CMS 4.2.1 is vulnerable to Cross Site Scripting (XSS) via adminer.php.
CVSS Score
6.1
EPSS Score
0.002
Published
2024-02-27
CVE-2023-43875
Multiple Cross-Site Scripting (XSS) vulnerabilities in installation of Subrion CMS v.4.2.1 allows a local attacker to execute arbitrary web scripts via a crafted payload injected into the dbhost, dbname, dbuser, adminusername and adminemail.
CVSS Score
6.1
EPSS Score
0.032
Published
2023-10-19
CVE-2022-43120
A cross-site scripting (XSS) vulnerability in the /panel/fields/add component of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Field default value text field.
CVSS Score
6.1
EPSS Score
0.004
Published
2022-11-09
CVE-2022-43121
A cross-site scripting (XSS) vulnerability in the CMS Field Add page of Intelliants Subrion CMS v4.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tooltip text field.
CVSS Score
6.1
EPSS Score
0.004
Published
2022-11-09
CVE-2022-37059
Cross Site Scripting (XSS) in Admin Panel of Subrion CMS 4.2.1 allows attacker to inject arbitrary code via Login Field
CVSS Score
4.8
EPSS Score
0.002
Published
2022-08-29
CVE-2021-41502
An issue was discovered in Subrion CMS v4.2.1 There is a stored cross-site scripting (XSS) vulnerability that can execute malicious JavaScript code by modifying the name of the uploaded image, closing the html tag, or adding the onerror attribute.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-06-11
CVE-2021-43464
A Remiote Code Execution (RCE) vulnerability exiss in Subrion CMS 4.2.1 via modified code in a background field; when the information is modified, the data in it will be executed through eval().
CVSS Score
8.8
EPSS Score
0.008
Published
2022-04-04
CVE-2020-18324
Cross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.1 via the q parameter in the Kickstart template.
CVSS Score
6.1
EPSS Score
0.067
Published
2022-03-04
CVE-2020-18325
Multilple Cross Site Scripting (XSS) vulnerability exists in Intelliants Subrion CMS v4.2.1 in the Configuration panel.
CVSS Score
6.1
EPSS Score
0.017
Published
2022-03-04


Products
Pricing
Contact Us

Shodan ® - All rights reserved