CVE-2006-3831
Summary
| CVE | CVE-2006-3831 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-07-25 13:22:00 UTC |
| Updated | 2018-10-17 21:31:00 UTC |
| Description | The Backup selection in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier uses predicable filenames for database backups and stores the files under the web root with insufficient access control, which allows remote attackers to obtain sensitive information by downloading a backup file. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Kailash Nadh | Boastmachine | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| new.fr is available for purchase - Sedo.com | MISC | www.acid-root.new.fr | |
| CXSecurity - IDS | SREASON | securityreason.com | |
| SecurityTracker.com Archives - boastMachine Input Validation Flaw Permits Cross-Site Scripting and SQL Injection Attacks | SECTRACK | securitytracker.com | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| Secunia - Advisories - boastMachine Multiple Vulnerabilities | SECUNIA | secunia.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.