| Max CVSS | 6.5 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2006-3827 | 6.5 |
SQL injection vulnerability in bmc/Inc/core/admin/search.inc.php in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote authenticated administrators to execute arbitrary SQL commands via the blog parameter.
|
17-10-2018 - 21:31 | 25-07-2006 - 13:22 | |
| CVE-2006-3829 | 5.0 |
Cross-site request forgery (CSRF) vulnerability in bmc/admin.php in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote attackers to perform unauthorized actions as an administrator and delete arbitrary user accounts via a del
|
17-10-2018 - 21:31 | 25-07-2006 - 13:22 | |
| CVE-2006-3828 | 6.5 |
Incomplete blacklist vulnerability in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote authenticated administrators to bypass SQL injection protection mechanisms by using commas, quote characters, pound sign (#) characters,
|
17-10-2018 - 21:31 | 25-07-2006 - 13:22 | |
| CVE-2006-3826 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) user_login, (2) full_name, and (3) URL parameters in regist
|
17-10-2018 - 21:31 | 25-07-2006 - 13:22 |