100 matches found
CVE-2005-1580
users.ini.php in BoastMachine 3.0 does not properly restrict the types of files that can be uploaded, which allows remote attackers to execute arbitrary code...
CVE-2006-3830
The Languages selection in the admin interface in Kailash Nadh boastMachine formerly bMachine 3.1 and earlier allows remote authenticated administrators to upload files with arbitrary extensions to the bmc/Inc/Lang directory. NOTE: because the uploaded files cannot be accessed through HTTP, this...
EUVD-2005-1583
Malware in sbrugna...
EUVD-2007-2852
Malware in sbrugna...
EUVD-2006-3821
Malware in sbrugna...
EUVD-2006-3822
Malware in sbrugna...
EUVD-2006-3825
Malware in sbrugna...
EUVD-2006-3823
Malware in sbrugna...
EUVD-2006-1841
Malware in sbrugna...
EUVD-2007-2924
Malware in sbrugna...
EUVD-2008-0432
Malware in sbrugna...
EUVD-2007-5393
Malware in sbrugna...
EUVD-2006-0139
Malware in sbrugna...
boastMachine vulnerable to cross-site scripting
Overview boastMachine provided by knadh contains a cross-site scripting vulnerability CWE-79. Daiki Fukumori reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An arbitrary script may be executed on the user's...
JVN#65660590: boastMachine vulnerable to cross-site scripting
boastMachine provided by knadh contains a cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on the user's web browser. Solution Stop using "boastMachine" The developer states that the product is no longer supported, therefore stop using the product. Products...
BoastMachine 3.1 Admin.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18012/info BoastMachine is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the browser...
boastMachine 2.8 Index.PHP Local File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26032/info boastMachine is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local script...
BoastMachine 3.1 Index.PHP Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24156/info BoastMachine is prone to a cross-site scripting vulnerability. Exploiting this vulnerability may allow an attacker to perform cross-site scripting attacks on unsuspecting users in the context of the affected...
boastMachine <= 3.1 - CSRF Add Admin Vulnerability
No description provided by source. Exploit Title: boastMachine v3.1 = CSRF Add Admin Vulnerability Date: 28/3/2012 Author: Dr.NaNo Software Link: http://boastology.com/pages/dload.php?id=bmachine-3.1.zip Version: 3.1 Tested on: Linux-Red-Hat Google Dork: Powered by boastMachine v3.1 Exploit html...
boastMachine <= 3.1 (mail.php id) SQL Injection Vulnerability
No description provided by source. ...:::::boastMachine =3.1 SQL Injection Vulnerbility ::::.... Virangar Security Team www.virangar.org www.virangar.net -------- Discoverd By :virangar security teamhadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra & all virangar members & all hacke...