SQL injection and file upload attacks are possible due to insufficient validation of input values in some parameters and variables of files compromising Maxboard, which may lead to arbitrary code execution or privilege escalation. Attackers can use these vulnerabilities to perform attacks such as stealing server management rights using a web shell.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: krcert
Published: 2022-06-01T14:59:25
Updated: 2024-08-03T20:26:25.727Z
Reserved: 2021-02-03T00:00:00
Link: CVE-2021-26634
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-06-02T14:15:28.243
Modified: 2023-06-26T17:59:11.773
Link: CVE-2021-26634
Redhat
No data.