VYPR
Vendor

Setucocms Project

Products
1
CVEs
6
Across products
6
Status
Private

Products

1

Recent CVEs

6
  • CVE-2016-4895HigApr 12, 2017
    risk 0.57cvss 8.8epss 0.02

    SetsucoCMS all versions allows remote authenticated attackers to conduct code injection attacks via unspecified vectors.

  • CVE-2016-4893HigApr 12, 2017
    risk 0.57cvss 8.8epss 0.02

    SQL injection vulnerability in the SetsucoCMS all versions allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.

  • CVE-2016-4891HigApr 12, 2017
    risk 0.57cvss 8.8epss 0.01

    Cross-site request forgery (CSRF) vulnerability in SetsucoCMS all versions allows remote attackers to hijack the authentication of an administrator to change settings via unspecified vectors.

  • CVE-2016-4896MedApr 12, 2017
    risk 0.42cvss 6.5epss 0.01

    SetsucoCMS all versions does not properly manage sessions, which allows remote attackers to disclose or alter unauthorized information via unspecified vectors.

  • CVE-2016-4892MedApr 12, 2017
    risk 0.40cvss 6.1epss 0.01

    Cross-site scripting vulnerability in SetsucoCMS all versions allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

  • CVE-2016-4894MedApr 12, 2017
    risk 0.35cvss 5.3epss 0.02

    SetsucoCMS all versions allows remote attackers to cause a denial of service via unspecified vectors.