← volver
CVE-2009-4839

CVE-2009-4839

EPSS 1.1%
Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis and Security Engine (BASE), possibly 1.4.4 and earlier, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) admin/base_roleadmin.php, (2) admin/base_useradmin.php, (3) base_conf_contents.php, (4) base_qry_sqlcalls.php, and (5) base_ag_main.php.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/admin/base_roleadmin.php?view=loghttp://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/admin/base_useradmin.php?view=loghttp://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/base_ag_main.php?view=loghttp://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/base_conf_contents.php?view=loghttp://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/base_qry_sqlcalls.php?view=log