Setucocms Security Vulnerabilities and Issues — Setucocms CVE List

Lucene search

Setucocms ProjectSetucocms

6 matches found

CVE•added 2017/04/12 10:59 p.m.•37 views

CVE-2016-4891

Cross-site request forgery (CSRF) vulnerability in SetsucoCMS all versions allows remote attackers to hijack the authentication of an administrator to change settings via unspecified vectors.

8.8CVSS8.8AI score0.0014EPSS

CVE•added 2017/04/12 10:59 p.m.•35 views

CVE-2016-4896

SetsucoCMS all versions does not properly manage sessions, which allows remote attackers to disclose or alter unauthorized information via unspecified vectors.

6.5CVSS6.7AI score0.00272EPSS

CVE•added 2017/04/12 10:59 p.m.•32 views

CVE-2016-4893

SQL injection vulnerability in the SetsucoCMS all versions allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.

8.8CVSS8.7AI score0.00697EPSS

CVE•added 2017/04/12 10:59 p.m.•28 views

CVE-2016-4892

Cross-site scripting vulnerability in SetsucoCMS all versions allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

6.1CVSS6.4AI score0.00343EPSS

CVE•added 2017/04/12 10:59 p.m.•28 views

CVE-2016-4894

SetsucoCMS all versions allows remote attackers to cause a denial of service via unspecified vectors.

5.3CVSS5.9AI score0.00996EPSS

CVE•added 2017/04/12 10:59 p.m.•27 views

CVE-2016-4895

SetsucoCMS all versions allows remote authenticated attackers to conduct code injection attacks via unspecified vectors.

8.8CVSS8.4AI score0.01346EPSS