CVE-2006-3828 in boastMachine情報

要約 (英語)

Incomplete blacklist vulnerability in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote authenticated administrators to bypass SQL injection protection mechanisms by using commas, quote characters, pound sign (#) characters, "UNION," and "SELECT," which are not filtered by the product, which only checks for "insert," "delete," "update," and "replace."

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

予約する

2006年07月24日

公開

2006年07月25日

ステータス

確認済み

エントリ

VulDB provides additional information and datapoints for this CVE:

識別子脆弱性CWE悪用可対策CVE
31495Kailash Nadh boastMachine SQLインジェクション89概念実証未定義CVE-2006-3828

説明

CPE

CWE

CVSS

エクスプロイト

履歴

差分

リンクする

脅威インテリジェンス

API JSON

API XML

API CSV

ソース

概要

Want to stay up to date on a daily basis?

Enable the mail alert feature now!