Critical severity9.1NVD Advisory· Published Jan 4, 2022· Updated Jun 17, 2026
CVE-2022-21644
CVE-2022-21644
Description
USOC is an open source CMS with a focus on simplicity. In affected versions USOC allows for SQL injection via usersearch.php. In search terms provided by the user were not sanitized and were used directly to construct a sql statement. The only users permitted to search are site admins. Users are advised to upgrade as soon as possible. There are not workarounds for this issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: < Pb2.4Bfx2
Patches
Vulnerability mechanics
References
2- github.com/Aaron-Junker/USOC/commit/06217c66c8f9b114726b21633eabcd88ac9034aanvdPatchThird Party Advisory
- github.com/Aaron-Junker/USOC/security/advisories/GHSA-89jg-6fr3-9q4hnvdThird Party Advisory
News mentions
0No linked articles in our index yet.