/panel/uploads in Subrion CMS 4.2.1 allows remote attackers to execute arbitrary PHP code via a…

Subrion CMS before 4.1.5.10 has a SQL injection vulnerability in /front/search.php via the $_GE…

Multiple cross-site scripting (XSS) vulnerabilities in Subrion CMS 2.2.1 allow remote attackers…

Multiple cross-site scripting (XSS) vulnerabilities in Subrion CMS before 2.2.3 allow remote at…

Cross-site scripting (XSS) vulnerability in the poll module in Subrion CMS 2.0.4 allows remote …

SQL injection vulnerability in register/ in Subrion CMS before 2.2.3 allows remote attackers to…

uploads/.htaccess in Subrion CMS 4.2.1 allows XSS because it does not block .html file uploads …

Multiple cross-site request forgery (CSRF) vulnerabilities in Subrion CMS before 2.2.3 allow re…

SQL injection vulnerability in admin/index.php in Subrion CMS 2.0.4 allows remote attackers to …

Subrion CMS 4.2.1 is affected by: Cross Site Scripting (XSS) through the avatar[path] parameter…

Cross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.1 via the q parameter in the…

Cross Site Request Forgery (CSRF) vulnerability exists in Intelliants Subrion CMS v4.2.1 via th…

Multilple Cross Site Scripting (XSS) vulnerability exists in Intelliants Subrion CMS v4.2.1 in …

includes/classes/ia.core.users.php in Subrion CMS 4.0.5 allows remote attackers to conduct PHP …

Unrestricted file upload vulnerability in admin/uploadimage.php in eLitius 1.0 allows remote at…

Subrion 4.2.1 allows XSS via the panel/members/ Username, Full Name, or Email field, aka an "Ad…

Subrion CMS 4.0.5.10 has SQL injection in admin/database/ via the query parameter.

Multiple cross-site scripting (XSS) vulnerabilities in register.php in eSyndiCat Directory 2.2 …

SQL injection vulnerability in Subrion CMS before 3.3.3 allows remote authenticated users to ex…

Subrion CMS 4.2.1 has CSRF in panel/modules/plugins/. The attacker can remotely activate/deacti…

SQL Injection vulnerability in Subrion CMS v4.2.1 in the search page if a website uses a PDO co…

A Remiote Code Execution (RCE) vulnerability exiss in Subrion CMS 4.2.1 via modified code in a …

Subrion 4.2.1 has a remote command execution vulnerability in the backend.

A SQL injection vulnerability exists in Subrion CMS v4.2.1 in the visual-mode.

Subrion CMS before 4.1.6 has a SQL injection vulnerability in /front/actions.php via the $_POST…

Cross-site scripting (XSS) vulnerability in Subrion CMS 4.1.4 allows remote attackers to inject…

Multiple cross-site scripting (XSS) vulnerabilities in eSyndiCat Directory 2.3 allow remote att…

Cross Site Scripting (XSS) vulnerability in subrion CMS Version <= 4.2.1 allows remote attacker…

Cross-site scripting (XSS) vulnerability in Subrion CMS before 3.2.3 allows remote attackers to…

An XSS issue was identified on the Subrion CMS 4.2.1 /panel/configuration/general settings page…

Subrion CMS 4.2.1 allows _core/en/contacts/ XSS via the name, email, or phone parameter.

Subrion CMS 4.2.1 allows session fixation via an alphanumeric value in a session cookie.

Subrion CMS before 4.1.4 has XSS.

SQL injection vulnerability in classes/Xp.php in eLitius 1.0 allows remote attackers to execute…

admin/blocks.php in Subrion CMS through 4.2.1 allows PHP Object Injection (with resultant file …

Subrion CMS 4.2.1 allows CSV injection via a phrase value within a language. This is related to…

Multiple Cross-Site Scripting (XSS) vulnerabilities in installation of Subrion CMS v.4.2.1 allo…

Subrion CMS v4.2.1 allows XSS via the panel/phrases/ VALUE parameter.

Subrion CMS 4.0.5 has CSRF in admin/blog/add/. The attacker can add any tag, and can optionally…

_core/admin/pages/add/ in Subrion CMS 4.2.1 has XSS via the titles[en] parameter.