Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4
CVSSv2

CVE-2006-3830

Published: 25/07/2006 Updated: 05/09/2008
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N

Vulnerability Summary

The Languages selection in the admin interface in Kailash Nadh boastMachine (formerly bMachine) 3.1 and previous versions allows remote authenticated administrators to upload files with arbitrary extensions to the bmc/Inc/Lang directory. NOTE: because the uploaded files cannot be accessed through HTTP, this issue is a vulnerability only if there is a likely usage pattern in which the files would be opened or executed by local users, e.g., malware files with names that entice local users to open the files.

Vulnerable Product Search on Vulmon Subscribe to Product

kailash nadh boastmachine 2.5

kailash nadh boastmachine 2.7

kailash nadh boastmachine 2.8

kailash nadh boastmachine 2.9b

kailash nadh boastmachine 3.1

References

NVD-CWE-Otherhttp://www.acid-root.new.fr/advisories/boastmachine.txthttp://secunia.com/advisories/21066https://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validationCVE-2012-1823malicious code‎CVE-2024-5770CVE-2023-45866CVE-2024-35687local usersCVE-2024-31246CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook