Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis and Security Engine (BASE), possibly 1.4.4 and previous versions, allow remote malicious users to inject arbitrary web script or HTML via unspecified parameters to (1) admin/base_roleadmin.php, (2) admin/base_useradmin.php, (3) base_conf_contents.php, (4) base_qry_sqlcalls.php, and (5) base_ag_main.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
secureideas basic analysis and security engine 1.2.2 |
||
secureideas basic analysis and security engine 1.1.2 |
||
secureideas basic analysis and security engine 1.3.9 |
||
secureideas basic analysis and security engine 1.2.4 |
||
secureideas basic analysis and security engine 1.1.4 |
||
secureideas basic analysis and security engine 1.1.3 |
||
secureideas basic analysis and security engine 1.3.6 |
||
secureideas basic analysis and security engine 1.3.5 |
||
secureideas basic analysis and security engine |
||
secureideas basic analysis and security engine 1.2.0 |
||
secureideas basic analysis and security engine 1.2.5 |
||
secureideas basic analysis and security engine 1.2.6 |
||
secureideas basic analysis and security engine 1.2.7 |
||
secureideas basic analysis and security engine 1.2 |
||
secureideas basic analysis and security engine 1.2.1 |
||
secureideas basic analysis and security engine 1.1 |
||
secureideas basic analysis and security engine 1.3.8 |
||
secureideas basic analysis and security engine 1.4.3 |