Vulnerabilities > Setucocms Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-12 | CVE-2016-4896 | Permissions, Privileges, and Access Controls vulnerability in Setucocms Project Setucocms SetsucoCMS all versions does not properly manage sessions, which allows remote attackers to disclose or alter unauthorized information via unspecified vectors. | 6.5 |
| 2017-04-12 | CVE-2016-4895 | Code Injection vulnerability in Setucocms Project Setucocms SetsucoCMS all versions allows remote authenticated attackers to conduct code injection attacks via unspecified vectors. | 8.8 |
| 2017-04-12 | CVE-2016-4894 | Unspecified vulnerability in Setucocms Project Setucocms SetsucoCMS all versions allows remote attackers to cause a denial of service via unspecified vectors. | 5.3 |
| 2017-04-12 | CVE-2016-4893 | SQL Injection vulnerability in Setucocms Project Setucocms SQL injection vulnerability in the SetsucoCMS all versions allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | 8.8 |
| 2017-04-12 | CVE-2016-4892 | Cross-site Scripting vulnerability in Setucocms Project Setucocms Cross-site scripting vulnerability in SetsucoCMS all versions allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 6.1 |
| 2017-04-12 | CVE-2016-4891 | Cross-Site Request Forgery (CSRF) vulnerability in Setucocms Project Setucocms Cross-site request forgery (CSRF) vulnerability in SetsucoCMS all versions allows remote attackers to hijack the authentication of an administrator to change settings via unspecified vectors. | 8.8 |