SQL injection vulnerability in bmc/Inc/core/admin/search.inc.php in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote authenticated administrators to execute arbitrary SQL commands via the blog parameter.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Boastmachine | Kailash_nadh | 2.8 | 2.8 |
Boastmachine | Kailash_nadh | 2.7 | 2.7 |
Boastmachine | Kailash_nadh | 2.9b | 2.9b |
Boastmachine | Kailash_nadh | 2.5 | 2.5 |
Boastmachine | Kailash_nadh | 3.1 | 3.1 |