Unrated severityNVD Advisory· Published Jul 25, 2006· Updated Apr 16, 2026

CVE-2006-3829

Description

Cross-site request forgery (CSRF) vulnerability in bmc/admin.php in Kailash Nadh boastMachine (formerly bMachine) 3.1 and earlier allows remote attackers to perform unauthorized actions as an administrator and delete arbitrary user accounts via a delete_user action.

Affected products

Kailash Nadh/Boastmachine5 versions
cpe:2.3:a:kailash_nadh:boastmachine:2.5:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:kailash_nadh:boastmachine:2.5:*:*:*:*:*:*:*
- cpe:2.3:a:kailash_nadh:boastmachine:2.7:*:*:*:*:*:*:*
- cpe:2.3:a:kailash_nadh:boastmachine:2.8:*:*:*:*:*:*:*
- cpe:2.3:a:kailash_nadh:boastmachine:2.9b:*:*:*:*:*:*:*
- cpe:2.3:a:kailash_nadh:boastmachine:3.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.acid-root.new.fr/advisories/boastmachine.txtnvdExploit
secunia.com/advisories/21066nvdVendor Advisory
securityreason.com/securityalert/1252nvd
securitytracker.com/idnvd
www.securityfocus.com/archive/1/440306/100/0/threadednvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000