Subrion is a powerful and easy-to-use PHP content management system with powerful features such as full-source editing, per-page permissions, user activity monitoring, etc. A SQL injection vulnerability exists in visual-mode in Subrion version 4.2.1. An attacker can use this vulnerability to obtain sensitive database information.