Maxb: >> Maxboard >> 1.9.6 Security Vulnerabilities
Stored XSS and SQL injection vulnerability in MaxBoard could lead to occur Remote Code Execution, which could lead to information exposure and privilege escalation.
CVSS Score
8.8
EPSS Score
0.008
Published
2022-06-23
Insufficient script validation of the admin page enables XSS, which causes unauthorized users to steal admin privileges. When uploading file in a specific menu, the verification of the files is insufficient. It allows remote attackers to upload arbitrary files disguising them as image files.
CVSS Score
8.1
EPSS Score
0.003
Published
2022-04-26