Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Maxboard Remote Code Execution
Vulnerability Description
Stored XSS and SQL injection vulnerability in MaxBoard could lead to occur Remote Code Execution, which could lead to information exposure and privilege escalation.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
Max Yi MaxBoard SQL注入漏洞
Vulnerability Description
Max Yi MaxBoard是韩国Max Yi公司的一个 CMS(内容管理系统) 或 Web 框架。有助于使网站创建和站点管理更容易,并且可以轻松方便地用于构建应用程序的后端。 MaxBoard存在安全漏洞,该漏洞源于存储的跨站脚本漏洞和SQL注入漏洞会导致发生远程代码执行、信息泄露和权限提升。
CVSS Information
N/A
Vulnerability Type
N/A