Cross-site scripting (XSS) vulnerability in search.php in boastMachine (bMachine) 2.7, and possibly other versions prior to 2.9b, allows remote malicious users to inject arbitrary web script or HTML via the key parameter, as used by the search field.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kailash nadh boastmachine 2.9b |
||
kailash nadh boastmachine 2.7 |
||
kailash nadh boastmachine 2.8 |
||
kailash nadh boastmachine 2.5 |