4 matches found
CVE-2009-4837
CVE-2009-4837 involves multiple cross-site scripting (XSS) vulnerabilities in the Basic Analysis and Security Engine (BASE) prior to version 1.4.3.1. The affected components allow remote attackers to inject arbitrary web script or HTML via the following parameters: (1) sig[1] in base/base_qry_mai...
CVE-2005-4878
Multiple cross-site scripting XSS vulnerabilities in 1 acidqrymain.php in Analysis Console for Intrusion Databases ACID 0.9.6b20 and 2 baseqrymain.php in Basic Analysis and Security Engine BASE 1.2, and unspecified other console scripts in these products, allow remote attackers to inject arbitrar...
CVE-2007-6156
Multiple cross-site scripting XSS vulnerabilities in baseqrymain.php in Base Analysis and Security Engine BASE before 1.3.9 allow remote attackers to inject arbitrary web script or HTML via the 1 sig0 and 2 sig1 parameters...
CVE-2007-6156
BASE/Base Analysis and Security Engine (BASE) before 1.3.9 contains cross-site scripting in base_qry_main.php, exploitable via sig[0] and sig[1] parameters. This affects BASE 1.3.8 and earlier releases per CVE-2007-6156. Impact: remote attackers can inject arbitrary web script/HTML. Mitigation: u...