CVE-2022-21666

Source
https://nvd.nist.gov/vuln/detail/CVE-2022-21666
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-21666.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2022-21666
Related
  • GHSA-557p-hhpc-4wrx
Published
2022-01-10T20:15:08Z
Modified
2025-01-15T02:14:28.917939Z
Severity
  • 7.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Useful Simple Open-Source CMS (USOC) is a content management system (CMS) for programmers. Versions prior to Pb2.4Bfx3 allowed Sql injection in usersearch.php only for users with administrative privileges. Users should replace the file admin/pages/useredit.php with a newer version. USOC version Pb2.4Bfx3 contains a fixed version of admin/pages/useredit.php.

References

Affected packages

Git / github.com/aaron-junker/usoc

Affected ranges

Type
GIT
Repo
https://github.com/aaron-junker/usoc
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Fixed

Affected versions

Pa1.*

Pa1.0Bfx0

Pb1.*

Pb1.0Bfx0
Pb1.0Bfx1
Pb1.0Bfx1,Pre-beta
Pb1.0Bfx2
Pb1.1Bfx0
Pb1.2Bfx0
Pb1.3Bfx0
Pb1.4Bfx0
Pb1.5Bfx0
Pb1.6Bfx0
Pb1.7Bfx0
Pb1.8Bfx0

Pb2.*

Pb2.0Bfx0
Pb2.0Bfx0RCA
Pb2.0Bfx1
Pb2.1Bfx0
Pb2.2Bfx0
Pb2.3Bfx0
Pb2.4Bfx0