Every CVE whose affected-product data names Boastmachine, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2005-1580 — CVSS 7.5 (high): users.ini.php in BoastMachine 3.0 does not properly restrict the types of files that can be uploaded, which allows remote attackers to…
CVE-2008-0422 — CVSS 7.5 (high): SQL injection vulnerability in mail.php in boastMachine (aka bMachine) 3.1 and earlier allows remote attackers to execute arbitrary SQL…
CVE-2006-2491 — CVSS 6.8 (medium): Cross-site scripting (XSS) vulnerability in (1) index.php and (2) bmc/admin.php in BoastMachine (bMachine) 3.1 and earlier allows remote…
CVE-2007-2860 — CVSS 6.5 (medium): user.php in BoastMachine 3.0 platinum allows remote authenticated users to gain privileges via a modified id parameter, as demonstrated by…
CVE-2007-5417 — CVSS 5.0 (medium): Directory traversal vulnerability in index.php in boastMachine (aka bMachine) 2.8 allows remote attackers to read arbitrary files via a…
CVE-2006-0131 — CVSS 5.0 (medium): boastMachine 3.1 allows remote attackers to obtain sensitive information via a direct request to (1) footer.php and (2) side_menu.php…
CVE-2007-2932 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in index.php in BoastMachine allows remote attackers to inject arbitrary web script or HTML via…