pkg:Packagist/intelliants/subrion

所有已知漏洞

• CRITICAL9.8CVE-2017-5543Subrion CMS PHP Object Injection
  >= 4.0.5, < 4.1.0
• CRITICAL9.8CVE-2020-18155SQL Injection in Subrion CMS
  from 0, <= 4.2.1
• HIGH8.8CVE-2019-7357Subrion CMS CSRF Vulnerability
  from 0, <= 4.2.1
• HIGH8.8CVE-2018-21037Subrion CMS CSRF Vulnerability
  from 0, < 4.2.1
• HIGH8.8CVE-2017-15063Subrion CMS CSRF Vulnerability
  >= 4.1, < 4.2.0
• HIGH8.8CVE-2017-6068Subrion CMS vulnerable to CSRF in admin/blocks/add
  from 0, <= 4.0.5
• HIGH8.8CVE-2017-18366Subrion CMS vulnerable to CSRF in blog/delete
  from 0, < 4.2.1
• HIGH8.8CVE-2021-43464Remote code execution in Subrion
  from 0, <= 4.2.1
• HIGH8.8CVE-2020-18326Cross Site Request Forgery in intelliants/subrion
  from 0, <= 4.2.1
• HIGH8.1CVE-2019-20390Subrion CMS Cross-Site Request Forgery (CSRF) vulnerability
• HIGH7.8CVE-2020-12468Subrion CMS CSV injection via Export Language
• HIGH7.2CVE-2023-46947Subrion remote command execution vulnerability
  from 0, <= 4.2.1
• HIGH7.2CVE-2018-19422Subrion CMS RCE Vulnerability
  from 0, < 4.2.2
• MEDIUM6.5CVE-2025-56556Subrion CMS: Authenticated administrators are able to gain escalated access through Run SQL Query tool
  from 0, <= 4.2.1
• MEDIUM6.5CVE-2020-12469Subrion CMS PHP Object Injection
  from 0, <= 4.2.1
• MEDIUM6.5CVE-2020-12467Session Fixation in Subrion CMS
  from 0, <= 4.2.1
• MEDIUM6.1CVE-2025-70958Subrion CMS vulnerable to cross-site scripting
  from 0, <= 4.2.1
• MEDIUM6.1CVE-2024-25399Subrion CMS vulnerable to Cross Site Scripting
  from 0, <= 4.2.1
• MEDIUM6.1CVE-2023-43875Subrion CMS vulnerable to Cross-site Scripting
  from 0, <= 4.2.1
• MEDIUM6.1CVE-2022-43120Subrion CMS is vulnerable to Cross-Site Scripting (XSS)
  from 0, <= 4.2.1
• MEDIUM6.1CVE-2022-43121Subrion CMS is vulnerable to Cross-Site Scripting (XSS)
  from 0, <= 4.2.1
• MEDIUM6.1CVE-2020-22330Subrion Cross-Site Scripting (XSS) vulnerability
  >= 4.2.1, < 4.2.2
• MEDIUM6.1CVE-2020-23761subrion CMS Cross Site Scripting (XSS) vulnerability
  from 0, <= 4.2.1
• MEDIUM6.1CVE-2019-20389Subrion CMS XSS
  from 0, <= 4.2.1
• MEDIUM6.1CVE-2018-11317Subrion CMS XSS
  from 0, < 4.1.4
• MEDIUM6.1CVE-2017-10795Subrion Cross-site scripting (XSS) vulnerability
  from 0, < 4.1.6
• MEDIUM6.1CVE-2018-14840Subrion CMS Cross-site Scripting
  from 0, < 4.2.2
• MEDIUM6.1CVE-2018-15563Subrion CMS Stored Cross-site Scripting (XSS)
  from 0, <= 4.2.1
• MEDIUM6.1CVE-2020-18324Cross-site Scripting in Subrion CMS
  from 0, <= 4.2.1
• MEDIUM6.1CVE-2020-18325Cross-site Scripting in intelliants/subrion
  from 0, <= 4.2.1
• MEDIUM5.4CVE-2023-43884Subrion CMS Cross-site Scripting vulnerability
  from 0, <= 4.2.1
• MEDIUM5.4CVE-2023-43828Subrion CMS Cross-site Scripting vulnerability in /panel/languages
  from 0, <= 4.2.1
• MEDIUM5.4CVE-2023-43830Subrion CMS XSS in /panel/configuration/financial/
  from 0, <= 4.2.1
• MEDIUM5.4CVE-2021-41502Cross site scripting in intelliants/subrion
  from 0, <= 4.2.1
• MEDIUM5.4CVE-2018-14835Subrion CMS XSS
  from 0, <= 4.2.1
• MEDIUM5.4CVE-2020-22392Cross Site Scripting in Subrion CMS
  from 0, <= 4.2.1
• MEDIUM4.8CVE-2022-37059Subrion CMS 4.2.1 vulnerable to cross-site scripting in admin panel
  from 0, <= 4.2.1
• MEDIUM4.8CVE-2018-16327Subrion Cross-site Scripting (XSS)
• MEDIUM4.8CVE-2018-16629Subrion CMS XSS
  from 0, <= 4.2.1
• MEDIUM4.8CVE-2021-41948Subrion CMS Cross-site Scripting (XSS) vulnerability in the `contact us` plugin
  from 0, <= 4.2.1
• —CVE-2014-9120Subrion CMS Cross-site scripting in search
  from 0, < 3.2.3