| Max CVSS | 7.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2012-5452 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Subrion CMS 2.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) multi_title parameter to blocks/add/; (2) cost, (3) days, or (4) title[en] parameter to plans/add/; (5)
|
29-08-2017 - 01:32 | 22-10-2012 - 23:55 | |
| CVE-2012-4773 | 6.8 |
Multiple cross-site request forgery (CSRF) vulnerabilities in Subrion CMS before 2.2.3 allow remote attackers to hijack the authentication of administrators for requests that add, delete, or modify sensitive information, as demonstrated by adding an
|
29-08-2017 - 01:32 | 22-10-2012 - 23:55 | |
| CVE-2012-4772 | 7.5 |
SQL injection vulnerability in register/ in Subrion CMS before 2.2.3 allows remote attackers to execute arbitrary SQL commands via the plan_id parameter.
|
29-08-2017 - 01:32 | 22-10-2012 - 23:55 | |
| CVE-2012-4771 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Subrion CMS before 2.2.3 allow remote attackers to inject arbitrary web script or HTML via the id parameter to (1) admin/accounts/, (2) admin/manage/, or (3) admin/manage/blocks/edit/; or (4) gro
|
29-08-2017 - 01:32 | 22-10-2012 - 23:55 |