VYPR

USOC

by USOC

CVEs (2)

  • CVE-2022-21644CriJan 4, 2022
    risk 0.00cvss 9.1epss 0.01

    USOC is an open source CMS with a focus on simplicity. In affected versions USOC allows for SQL injection via usersearch.php. In search terms provided by the user were not sanitized and were used directly to construct a sql statement. The only users permitted to search are site…

  • CVE-2022-21643CriJan 4, 2022
    risk 0.00cvss 10.0epss 0.01

    USOC is an open source CMS with a focus on simplicity. In affected versions USOC allows for SQL injection via register.php. In particular usernames, email addresses, and passwords provided by the user were not sanitized and were used directly to construct a sql statement. Users…