Vulnerability Details CVE-2022-21666
Useful Simple Open-Source CMS (USOC) is a content management system (CMS) for programmers. Versions prior to Pb2.4Bfx3 allowed Sql injection in usersearch.php only for users with administrative privileges. Users should replace the file `admin/pages/useredit.php` with a newer version. USOC version Pb2.4Bfx3 contains a fixed version of `admin/pages/useredit.php`.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 60.6%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 6.5
References
- https://github.com/Aaron-Junker/USOC/commit/c331d26aaab41a7e9e8c1c1a990132dca9d01e10
- https://github.com/Aaron-Junker/USOC/releases/tag/Pb2.4Bfx3
- https://github.com/Aaron-Junker/USOC/security/advisories/GHSA-557p-hhpc-4wrx
- https://github.com/Aaron-Junker/USOC/commit/c331d26aaab41a7e9e8c1c1a990132dca9d01e10
- https://github.com/Aaron-Junker/USOC/releases/tag/Pb2.4Bfx3
- https://github.com/Aaron-Junker/USOC/security/advisories/GHSA-557p-hhpc-4wrx
Products affected by CVE-2022-21666
-
cpe:2.3:a:useful_simple_open-source_cms_project:useful_simple_open-source_cms:pa1.0bfx0
-
cpe:2.3:a:useful_simple_open-source_cms_project:useful_simple_open-source_cms:pb1.0bfx0
-
cpe:2.3:a:useful_simple_open-source_cms_project:useful_simple_open-source_cms:pb1.0bfx1
-
cpe:2.3:a:useful_simple_open-source_cms_project:useful_simple_open-source_cms:pb1.0bfx2
-
cpe:2.3:a:useful_simple_open-source_cms_project:useful_simple_open-source_cms:pb1.1bfx0
-
cpe:2.3:a:useful_simple_open-source_cms_project:useful_simple_open-source_cms:pb1.2bfx0
-
cpe:2.3:a:useful_simple_open-source_cms_project:useful_simple_open-source_cms:pb1.3bfx0
-
cpe:2.3:a:useful_simple_open-source_cms_project:useful_simple_open-source_cms:pb1.4bfx0
-
cpe:2.3:a:useful_simple_open-source_cms_project:useful_simple_open-source_cms:pb1.5bfx0
-
cpe:2.3:a:useful_simple_open-source_cms_project:useful_simple_open-source_cms:pb1.6bfx0
-
cpe:2.3:a:useful_simple_open-source_cms_project:useful_simple_open-source_cms:pb1.7bfx0
-
cpe:2.3:a:useful_simple_open-source_cms_project:useful_simple_open-source_cms:pb1.7bfx1
-
cpe:2.3:a:useful_simple_open-source_cms_project:useful_simple_open-source_cms:pb1.8bfx0
-
cpe:2.3:a:useful_simple_open-source_cms_project:useful_simple_open-source_cms:pb2.0bfx0
-
cpe:2.3:a:useful_simple_open-source_cms_project:useful_simple_open-source_cms:pb2.0bfx1
-
cpe:2.3:a:useful_simple_open-source_cms_project:useful_simple_open-source_cms:pb2.1bfx0
-
cpe:2.3:a:useful_simple_open-source_cms_project:useful_simple_open-source_cms:pb2.2bfx0
-
cpe:2.3:a:useful_simple_open-source_cms_project:useful_simple_open-source_cms:pb2.3bfx0
-
cpe:2.3:a:useful_simple_open-source_cms_project:useful_simple_open-source_cms:pb2.4bfx0
-
cpe:2.3:a:useful_simple_open-source_cms_project:useful_simple_open-source_cms:pb2.4bfx1
-
cpe:2.3:a:useful_simple_open-source_cms_project:useful_simple_open-source_cms:pb2.4bfx2