← Back

Setucocms Project

setucocms_project

6 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Setucocms
setucocms
6 CVEs

CVEs (6)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2016-4896
1Setucocms Project
1Setucocms
May 13, 2026
Apr 12, 2017
N/A· v4
6.5 MEDIUM· v3
6.4 MEDIUM· v2
SetsucoCMS all versions does not properly manage sessions, which allows remote attackers to disclose or alter unauthorized information via unspecified vectors.
CVE-2016-4895
1Setucocms Project
1Setucocms
May 13, 2026
Apr 12, 2017
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
SetsucoCMS all versions allows remote authenticated attackers to conduct code injection attacks via unspecified vectors.
CVE-2016-4894
1Setucocms Project
1Setucocms
May 13, 2026
Apr 12, 2017
N/A· v4
5.3 MEDIUM· v3
5.0 MEDIUM· v2
SetsucoCMS all versions allows remote attackers to cause a denial of service via unspecified vectors.
CVE-2016-4893
1Setucocms Project
1Setucocms
May 13, 2026
Apr 12, 2017
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
SQL injection vulnerability in the SetsucoCMS all versions allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2016-4892
1Setucocms Project
1Setucocms
May 13, 2026
Apr 12, 2017
N/A· v4
6.1 MEDIUM· v3
4.3 MEDIUM· v2
Cross-site scripting vulnerability in SetsucoCMS all versions allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2016-4891
1Setucocms Project
1Setucocms
May 13, 2026
Apr 12, 2017
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Cross-site request forgery (CSRF) vulnerability in SetsucoCMS all versions allows remote attackers to hijack the authentication of an administrator to change settings via unspecified vectors.