SetucoCMS allows remote attackers to alter or disclose information, related to session information.