CVE-2021-26644
Severity CVSS v4.0:
Pending analysis
Type:
CWE-89
SQL Injection
Publication date:
20/01/2023
Last modified:
27/01/2023
Description
SQL-Injection vulnerability caused by the lack of verification of input values for the table name of DB used by the Mangboard bulletin board. A remote attacker can use this vulnerability to execute arbitrary code on the server where the bulletin board is running.
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* | ||
cpe:2.3:a:mangboard:mangboard_wp:2.0.3:*:*:*:basic:wordpress:*:* |
To consult the complete list of CPE names with products and versions, see this page