CVE-2012-1198

baseagmain.php in Basic Analysis and Security Engine BASE 1.4.5 allows remote attackers to execute arbitrary code by uploading contents of the file with an executable extension via a create action, then accessing it via a view action...

CVE-2012-1198

CVE-2012-1198 affects BASE 1.4.5. The issue occurs in base_ag_main.php where an attacker can upload a file with an executable extension via a create action and then access it via a view action, enabling remote code execution. The NVD entry assigns a CVSSv2 base score of 7.5 (HIGH) with network ac...

CVE-2009-4838

SQL injection vulnerability in baseagcommon.php in Basic Analysis and Security Engine BASE before 1.4.3.1 allows remote attackers to execute arbitrary SQL commands via unspecified parameters. NOTE: some of these details are obtained from third party information...

CVE-2007-6156

Multiple cross-site scripting XSS vulnerabilities in baseqrymain.php in Base Analysis and Security Engine BASE before 1.3.9 allow remote attackers to inject arbitrary web script or HTML via the 1 sig0 and 2 sig1 parameters...