CVE-2021-26633 Information

Description

SQL injection and Local File Inclusion (LFI) vulnerabilities in MaxBoard can cause information leakage and privilege escalation. This vulnerabilities can be exploited by manipulating a variable with a desired value and inserting and arbitrary file.

Reference

https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66745