CVE-2025-56556
LOWDescription
An issue was discovered in Subrion CMS 4.2.1, allowing authenticated adminitrators or moderators with access to the built-in Run SQL Query feature under the SQL Tool admin panel - to gain escalated privileges in the context of the SQL query tool.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| intelliants | subrion_cms |
References
Frequently Asked Questions
What is CVE-2025-56556? +
How severe is CVE-2025-56556? +
What products are affected by CVE-2025-56556? +
How do I check if I'm vulnerable to CVE-2025-56556? +
Related Vulnerabilities
SQL-Injection in Harbor allows priviledge users to leak the task IDs
Zulip is an open-source team collaboration tool. The API for deleting an organization export is supposed to be restricted to …
Zulip is an open-source team collaboration tool. The API for deleting an organization custom profile field is supposed to be …
Subrion CMS 4.2.1 is vulnerable to SQL Injection via ia.core.mysqli.php. NOTE: this is disputed by multiple third parties because it …
Subrion CMS 4.2.1 is vulnerable to Cross Site Scripting (XSS) via adminer.php.