Vulnerability Details CVE-2021-26644
SQL-Injection vulnerability caused by the lack of verification of input values for the table name of DB used by the Mangboard bulletin board. A remote attacker can use this vulnerability to execute arbitrary code on the server where the bulletin board is running.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 77.4%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2021-26644
-
cpe:2.3:a:mangboard:mangboard_wp:2.0.3
-
cpe:2.3:o:microsoft:windows:-