CVE Vulnerabilities

CVE-2006-3827

Published: Jul 25, 2006 | Modified: Oct 17, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.5 MEDIUM
AV:N/AC:L/Au:S/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

SQL injection vulnerability in bmc/Inc/core/admin/search.inc.php in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote authenticated administrators to execute arbitrary SQL commands via the blog parameter.

Affected Software

Name Vendor Start Version End Version
Boastmachine Kailash_nadh 2.8 2.8
Boastmachine Kailash_nadh 2.7 2.7
Boastmachine Kailash_nadh 2.9b 2.9b
Boastmachine Kailash_nadh 2.5 2.5
Boastmachine Kailash_nadh 3.1 3.1

References