Cross-site request forgery (CSRF) vulnerability in bmc/admin.php in Kailash Nadh boastMachine (formerly bMachine) 3.1 and previous versions allows remote malicious users to perform unauthorized actions as an administrator and delete arbitrary user accounts via a delete_user action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
kailash nadh boastmachine 2.8 |
||
kailash nadh boastmachine 2.7 |
||
kailash nadh boastmachine 2.9b |
||
kailash nadh boastmachine 2.5 |
||
kailash nadh boastmachine 3.1 |