CVE-2021-26644 Information

Description

SQL-Injection vulnerability caused by the lack of verification of input values for the table name of DB used by the Mangboard bulletin board. A remote attacker can use this vulnerability to execute arbitrary code on the server where the bulletin board is running.

Reference

https://boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=67127