CVE-2022-21666

Name of the Vulnerable Software and Affected Versions Useful Simple Open-Source CMS (USOC) versions prior to Pb2.4Bfx3

Description The issue allows SQL injection in the usersearch.php file, but only for users with administrative privileges. This affects the content management system's security. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited.

Recommendations For versions prior to Pb2.4Bfx3, replace the file admin/pages/useredit.php with a newer version to resolve the issue. USOC version Pb2.4Bfx3 already contains a fixed version of admin/pages/useredit.php, so no action is required for this version.