21 matches found
EUVD-2022-26867
Malicious code in bioql PyPI...
EUVD-2022-26868
Malicious code in bioql PyPI...
CVE-2022-21644
USOC is an open source CMS with a focus on simplicity. In affected versions USOC allows for SQL injection via usersearch.php. In search terms provided by the user were not sanitized and were used directly to construct a sql statement. The only users permitted to search are site admins. Users are...
CVE-2022-21666
Useful Simple Open-Source CMS USOC is a content management system CMS for programmers. Versions prior to Pb2.4Bfx3 allowed Sql injection in usersearch.php only for users with administrative privileges. Users should replace the file admin/pages/useredit.php with a newer version. USOC version...
CVE-2022-21643
USOC is an open source CMS with a focus on simplicity. In affected versions USOC allows for SQL injection via register.php. In particular usernames, email addresses, and passwords provided by the user were not sanitized and were used directly to construct a sql statement. Users are advised to...
CVE-2022-21666
Useful Simple Open-Source CMS USOC is a content management system CMS for programmers. Versions prior to Pb2.4Bfx3 allowed Sql injection in usersearch.php only for users with administrative privileges. Users should replace the file admin/pages/useredit.php with a newer version. USOC version...
CVE-2022-21666
CVE-2022-21666 concerns the Useful Simple Open-Source CMS (USOC). Multiple connected records confirm a SQL injection vulnerability in the admin functionality, specifically involving the file path admin/pages/useredit.php and related usersearch.php logic. The flaw affects versions prior to Pb2.4Bf...
CVE-2022-21666 SQL Injection in useredit.php
Useful Simple Open-Source CMS USOC is a content management system CMS for programmers. Versions prior to Pb2.4Bfx3 allowed Sql injection in usersearch.php only for users with administrative privileges. Users should replace the file admin/pages/useredit.php with a newer version. USOC version...
CVE-2022-21666 SQL Injection in useredit.php
Useful Simple Open-Source CMS USOC is a content management system CMS for programmers. Versions prior to Pb2.4Bfx3 allowed Sql injection in usersearch.php only for users with administrative privileges. Users should replace the file admin/pages/useredit.php with a newer version. USOC version...
Usoc SQL注入漏洞
Usoc is a useful and simple open source Cms from the individual developer Aaron Junker in Switzerland. A security vulnerability exists in Usoc, which stems from the fact that versions prior to Pb2.4Bfx3 only allow users with administrative privileges to perform Sql injection in usersearch.php...
CVE-2022-21643
USOC is an open source CMS with a focus on simplicity. In affected versions USOC allows for SQL injection via register.php. In particular usernames, email addresses, and passwords provided by the user were not sanitized and were used directly to construct a sql statement. Users are advised to...
CVE-2022-21644
USOC is an open source CMS with a focus on simplicity. In affected versions USOC allows for SQL injection via usersearch.php. In search terms provided by the user were not sanitized and were used directly to construct a sql statement. The only users permitted to search are site admins. Users are...
Sql injection
USOC is an open source CMS with a focus on simplicity. In affected versions USOC allows for SQL injection via register.php. In particular usernames, email addresses, and passwords provided by the user were not sanitized and were used directly to construct a sql statement. Users are advised to...
CVE-2022-21644 SQL Injection via search in USOC
USOC is an open source CMS with a focus on simplicity. In affected versions USOC allows for SQL injection via usersearch.php. In search terms provided by the user were not sanitized and were used directly to construct a sql statement. The only users permitted to search are site admins. Users are...
CVE-2022-21644
Summary: CVE-2022-21644 affects USOC, an open source CMS. The vulnerability arises in the search functionality (usersearch.php) where user-supplied terms are not sanitized and are directly used to construct SQL statements, enabling SQL injection. The issue is limited to affected USOC versions wit...
CVE-2022-21644 SQL Injection via search in USOC
USOC is an open source CMS with a focus on simplicity. In affected versions USOC allows for SQL injection via usersearch.php. In search terms provided by the user were not sanitized and were used directly to construct a sql statement. The only users permitted to search are site admins. Users are...
CVE-2022-21643
CVE-2022-21643 concerns USOC, an open-source CMS. The vulnerability is a SQL injection in register.php triggered by unsanitized user inputs (username, email, password) used to construct SQL statements. Affected versions are susceptible; upgrade is advised and there are no documented workarounds i...
CVE-2022-21643 SQL Injection in USOC
USOC is an open source CMS with a focus on simplicity. In affected versions USOC allows for SQL injection via register.php. In particular usernames, email addresses, and passwords provided by the user were not sanitized and were used directly to construct a sql statement. Users are advised to...
CVE-2022-21643 SQL Injection in USOC
USOC is an open source CMS with a focus on simplicity. In affected versions USOC allows for SQL injection via register.php. In particular usernames, email addresses, and passwords provided by the user were not sanitized and were used directly to construct a sql statement. Users are advised to...
CVE-2022-21643 SQL Injection in USOC
USOC is an open source CMS with a focus on simplicity. In affected versions USOC allows for SQL injection via register.php. In particular usernames, email addresses, and passwords provided by the user were not sanitized and were used directly to construct a sql statement. Users are advised to...