Lucene search
China National Vulnerability DatabaseCNVD-2022-20162HistoryMar 08, 2022 - 12:00 a.m.
Subrion CMS Cross-site Request Forgery Vulnerability (CNVD-2022-20162)
2022-03-0800:00:00
China National Vulnerability Database
www.cnvd.org.cn
14
subrion cms
4.2.1
cross-site request forgery
vulnerability
php-based
content management system
remote user
unauthenticated user
authorization requests
member administrator
arbitrary administrator users
security
EPSS
0.002
Percentile
55.3%
Subrion CMS is a PHP-based content management system (CMS) from the Subrion team. The system can be integrated into websites and supports multiple extension plugins, etc. A security vulnerability exists in Subrion CMS 4.2.1, which allows a remote, unauthenticated, malicious user to send authorization requests to victims via the Member Administrator feature and successfully create arbitrary administrator users. No detailed vulnerability details are currently available.
Related
osv
osv
CVE-2020-18326
2022-03-04 15:15:08
Cross Site Request Forgery in intelliants/subrion
2022-03-05 00:00:45
prion
prion
Cross site request forgery (csrf)
2022-03-04 15:15:00
cvelist
cvelist
CVE-2020-18326
2022-03-04 14:15:37
github
github
Cross Site Request Forgery in intelliants/subrion
2022-03-05 00:00:45
nvd
nvd
CVE-2020-18326
2022-03-04 15:15:08
cve
cve
CVE-2020-18326
2022-03-04 15:15:08