Lucene search
K
SecureideasBasic Analysis And Security Engine

4 matches found

CVE
CVE
added 2010/05/05 6:0 p.m.59 views

CVE-2009-4837

CVE-2009-4837 involves multiple cross-site scripting (XSS) vulnerabilities in the Basic Analysis and Security Engine (BASE) prior to version 1.4.3.1. The affected components allow remote attackers to inject arbitrary web script or HTML via the following parameters: (1) sig[1] in base/base_qry_mai...

4.3CVSS5.8AI score0.01097EPSS
Web
CVE
CVE
added 2010/05/05 6:0 p.m.50 views

CVE-2009-4839

The CVE-2009-4839 entry concerns the Basic Analysis and Security Engine (BASE), likely versions 1.4.4 and earlier. The issue comprises multiple input-validation vulnerabilities in BASE allowing remote attackers to inject arbitrary web script or HTML (XSS) via parameters to admin/base_roleadmin.ph...

4.3CVSS5.9AI score0.01083EPSS
CVE
CVE
added 2007/11/29 1:0 a.m.43 views

CVE-2007-6156

BASE/Base Analysis and Security Engine (BASE) before 1.3.9 contains cross-site scripting in base_qry_main.php, exploitable via sig[0] and sig[1] parameters. This affects BASE 1.3.8 and earlier releases per CVE-2007-6156. Impact: remote attackers can inject arbitrary web script/HTML. Mitigation: u...

4.3CVSS5.7AI score0.0125EPSS
CVE
CVE
added 2009/02/18 8:0 p.m.39 views

CVE-2005-4878

CVE-2005-4878 details: Multiple XSS vulnerabilities in ACID 0.9.6b20 (acid_qry_main.php) and BASE 1.2 (base_qry_main.php), plus unspecified consoles, allow remote injection via the sig[1] parameter and related inputs. Connected documents also flag a separate but related issue CVE-2007-6156 affect...

4.3CVSS6AI score0.01089EPSS