Approved changes feed: RSS · Atom
cpe:2.3:a:aaron-junker:usoc:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Aaron Junker (20cdb97d-2ac3-502d-af6e-b2c4a2398a17) |
|---|---|
| Product | Usoc (1a89b601-2857-5cd7-ae6b-f8ade98d0a57) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-21666 |
vulnerable | 2026-06-03 14:46:13.289941 |
SQL Injection in useredit.php
HIGH (7.2)
Useful Simple Open-Source CMS (USOC) is a content management system (CMS) for programmers. Versions prior to Pb2.4Bfx3 allowed Sql injection in usersearch.php only for users with administrative privileges. Users should replace the file `admin/pages/useredit.php` with a newer version. USOC version Pb2.4Bfx3 contains a fixed version of `admin/pages/useredit.php`.
Published: 2022-01-10T20:00:12.000Z
Updated: 2025-04-23T19:13:57.602Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-21644 |
vulnerable | 2026-06-03 14:46:13.257144 |
SQL Injection via search in USOC
CRITICAL (9.1)
USOC is an open source CMS with a focus on simplicity. In affected versions USOC allows for SQL injection via usersearch.php. In search terms provided by the user were not sanitized and were used directly to construct a sql statement. The only users permitted to search are site admins. Users are advised to upgrade as soon as possible. There are not workarounds for this issue.
Published: 2022-01-04T20:00:12.000Z
Updated: 2025-04-23T19:15:06.420Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-21643 |
vulnerable | 2026-06-03 14:46:13.256086 |
SQL Injection in USOC
CRITICAL (10)
USOC is an open source CMS with a focus on simplicity. In affected versions USOC allows for SQL injection via register.php. In particular usernames, email addresses, and passwords provided by the user were not sanitized and were used directly to construct a sql statement. Users are advised to upgrade as soon as possible. There are not workarounds for this issue.
Published: 2022-01-04T19:55:10.000Z
Updated: 2025-04-23T19:15:12.267Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.