Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
SQL Injection in useredit.php
Vulnerability Description
Useful Simple Open-Source CMS (USOC) is a content management system (CMS) for programmers. Versions prior to Pb2.4Bfx3 allowed Sql injection in usersearch.php only for users with administrative privileges. Users should replace the file `admin/pages/useredit.php` with a newer version. USOC version Pb2.4Bfx3 contains a fixed version of `admin/pages/useredit.php`.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
Usoc SQL注入漏洞
Vulnerability Description
Usoc是瑞士Aaron Junker个人开发者的一个有用的简单开源 Cms。 Usoc 存在安全漏洞,该漏洞源于Pb2.4Bfx3之前的版本只允许具有管理权限的用户在usersearch.php中进行Sql注入。用户应该用更新的版本替换“admin pages useredit.php”文件。USOC版本Pb2.4Bfx3包含一个固定版本的“admin pages useredit.php”。
CVSS Information
N/A
Vulnerability Type
N/A