Exploitation

I was able to see the exact version of subrion the website was running based on the header that the website was showing on the tab. The version was 4.2.

Subrion CMS 4.2.1 - Arbitrary File UploadExploit Database

Unfortunately for us we need authentication for this to work. However we were able to log in with default credentials, these being admin:admin.