Vulnerabilities > Maxb > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-06-23 CVE-2021-26636 SQL Injection vulnerability in Maxb Maxboard 1.9.6
Stored XSS and SQL injection vulnerability in MaxBoard could lead to occur Remote Code Execution, which could lead to information exposure and privilege escalation.
network
low complexity
maxb CWE-89
critical
 9.6
9.6
2022-06-02 CVE-2021-26633 SQL Injection vulnerability in Maxb Maxboard
SQL injection and Local File Inclusion (LFI) vulnerabilities in MaxBoard can cause information leakage and privilege escalation.
network
low complexity
maxb CWE-89
critical
 9.8
9.8
2022-06-02 CVE-2021-26634 Unrestricted Upload of File with Dangerous Type vulnerability in Maxb Maxboard
SQL injection and file upload attacks are possible due to insufficient validation of input values in some parameters and variables of files compromising Maxboard, which may lead to arbitrary code execution or privilege escalation.
network
low complexity
maxb CWE-434
critical
 9.8
9.8