Basic Analysis And Security Engine@1.3.6 Security Vulnerabilities and Issues — Basic Analysis And Security Engine@1.3.6 CVE List

Lucene search

SecureideasBasic Analysis And Security Engine1.3.6

2 matches found

cve•added 2007/11/29 1:46 a.m.•34 views

CVE-2007-6156

Multiple cross-site scripting (XSS) vulnerabilities in base_qry_main.php in Base Analysis and Security Engine (BASE) before 1.3.9 allow remote attackers to inject arbitrary web script or HTML via the (1) sig[0] and (2) sig[1] parameters.

4.3CVSS5.7AI score0.00475EPSS

cve•added 2007/10/18 10:17 p.m.•31 views

CVE-2007-5578

Basic Analysis and Security Engine (BASE) before 1.3.8 sends a redirect to the web browser but does not exit, which allows remote attackers to bypass authentication via (1) base_main.php, (2) base_qry_alert.php, and possibly other vectors.

7.5CVSS7AI score0.00658EPSS