Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Setucocms Project Subscribe
Filtered by product Setucocms
Total 6 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-4891 1 Setucocms Project 1 Setucocms 2017-05-22 6.8 MEDIUM 8.8 HIGH
Cross-site request forgery (CSRF) vulnerability in SetsucoCMS all versions allows remote attackers to hijack the authentication of an administrator to change settings via unspecified vectors.
CVE-2016-4892 1 Setucocms Project 1 Setucocms 2017-05-22 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting vulnerability in SetsucoCMS all versions allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-4893 1 Setucocms Project 1 Setucocms 2017-05-22 6.5 MEDIUM 8.8 HIGH
SQL injection vulnerability in the SetsucoCMS all versions allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2016-4894 1 Setucocms Project 1 Setucocms 2017-05-22 5.0 MEDIUM 5.3 MEDIUM
SetsucoCMS all versions allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2016-4895 1 Setucocms Project 1 Setucocms 2017-05-22 6.5 MEDIUM 8.8 HIGH
SetsucoCMS all versions allows remote authenticated attackers to conduct code injection attacks via unspecified vectors.
CVE-2016-4896 1 Setucocms Project 1 Setucocms 2017-05-22 6.4 MEDIUM 6.5 MEDIUM
SetsucoCMS all versions does not properly manage sessions, which allows remote attackers to disclose or alter unauthorized information via unspecified vectors.