SQL Injection Vulnerability in Subrion CMS by Intelliants
CVE-2021-41947

7.2HIGH

Key Information:

Vendor: Intelliants
Status: Subrion Cms
Vendor: CVE Published:; 8 October 2021

🔔 Create Intelliants Vulnerability Alert

What is CVE-2021-41947?

A vulnerability has been identified in Subrion CMS v4.2.1, specifically in its visual mode feature. This issue allows an attacker to exploit SQL injection techniques, potentially enabling unauthorized access to the database. If successfully executed, this vulnerability can lead to disclosure of sensitive information, data manipulation, or even full administrative access to the web application. It is essential for users of Subrion CMS to apply the necessary security patches and updates to safeguard their systems.

References

https://github.com/intelliants/subrion/issues/887

x_refsource_MISC

https://github.com/nu11secur1ty/CVE-mitre/tree/main/CVE-2...

x_refsource_MISC

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 8, 2021
Vulnerability Reserved
Oct 4, 2021