Lucene search
K
Setucocms ProjectSetucocms

6 matches found

CVE
CVE
added 2017/04/12 10:0 p.m.47 views

CVE-2016-4891

CVE-2016-4891 is a CSRF vulnerability in SetucoCMS affecting all versions, enabling remote attackers to hijack an administrator’s session to change settings via unspecified vectors. The linked JVN entries confirm the issue and note the impact as unintended setting changes; multiple sources also r...

8.8CVSS8.8AI score0.00977EPSS
CVE
CVE
added 2017/04/12 10:0 p.m.43 views

CVE-2016-4896

CVE-2016-4896 affects SetucoCMS (all versions) due to improper session management. The vulnerability can permit a remote attacker to disclose or alter information through unspecified vectors. The JVN/NVD entries corroborate a session-management issue with a low to moderate risk profile (CVSS v3 b...

6.5CVSS6.7AI score0.01347EPSS
CVE
CVE
added 2017/04/12 10:0 p.m.41 views

CVE-2016-4893

CVE-2016-4893 is a SQL injection vulnerability affecting SetucoCMS (all versions). The available connected documents confirm that an attacker can execute arbitrary SQL commands via unspecified vectors, potentially enabling data disclosure or manipulation. The impact per the sources notes arbitrar...

8.8CVSS8.7AI score0.01559EPSS
CVE
CVE
added 2017/04/12 10:0 p.m.38 views

CVE-2016-4894

CVE-2016-4894 affects SetucoCMS. The connected records describe a remote DoS vulnerability in all SetucoCMS versions, caused by an unspecified vector that can lead to availability degradation. Public details consistently identify the affected product as SetucoCMS and label the impact as denial of...

5.3CVSS5.9AI score0.02136EPSS
CVE
CVE
added 2017/04/12 10:0 p.m.35 views

CVE-2016-4892

CVE-2016-4892 is a cross-site scripting vulnerability affecting SetucoCMS (all versions). The connected documents confirm an XSS in SetucoCMS, enabling remote attackers to inject arbitrary web script or HTML via unspecified vectors, potentially causing a user’s browser to execute arbitrary code o...

6.1CVSS6.4AI score0.01278EPSS
CVE
CVE
added 2017/04/12 10:0 p.m.35 views

CVE-2016-4895

CVE-2016-4895 corresponds to a code-injection vulnerability in SetucoCMS. Per connected documents, SetucoCMS contains a code injection vulnerability that could allow a remote authenticated attacker to execute arbitrary code. The affected product is SetucoCMS (all versions) as described in JVN ent...

8.8CVSS8.4AI score0.02025EPSS