6 matches found
CVE-2016-4891
CVE-2016-4891 is a CSRF vulnerability in SetucoCMS affecting all versions, enabling remote attackers to hijack an administrator’s session to change settings via unspecified vectors. The linked JVN entries confirm the issue and note the impact as unintended setting changes; multiple sources also r...
CVE-2016-4896
CVE-2016-4896 affects SetucoCMS (all versions) due to improper session management. The vulnerability can permit a remote attacker to disclose or alter information through unspecified vectors. The JVN/NVD entries corroborate a session-management issue with a low to moderate risk profile (CVSS v3 b...
CVE-2016-4893
CVE-2016-4893 is a SQL injection vulnerability affecting SetucoCMS (all versions). The available connected documents confirm that an attacker can execute arbitrary SQL commands via unspecified vectors, potentially enabling data disclosure or manipulation. The impact per the sources notes arbitrar...
CVE-2016-4894
CVE-2016-4894 affects SetucoCMS. The connected records describe a remote DoS vulnerability in all SetucoCMS versions, caused by an unspecified vector that can lead to availability degradation. Public details consistently identify the affected product as SetucoCMS and label the impact as denial of...
CVE-2016-4892
CVE-2016-4892 is a cross-site scripting vulnerability affecting SetucoCMS (all versions). The connected documents confirm an XSS in SetucoCMS, enabling remote attackers to inject arbitrary web script or HTML via unspecified vectors, potentially causing a user’s browser to execute arbitrary code o...
CVE-2016-4895
CVE-2016-4895 corresponds to a code-injection vulnerability in SetucoCMS. Per connected documents, SetucoCMS contains a code injection vulnerability that could allow a remote authenticated attacker to execute arbitrary code. The affected product is SetucoCMS (all versions) as described in JVN ent...