CVE-2007-6156

Severity CVSS v4.0:
Pending analysis
Type:
CWE-79 Cross-Site Scripting (XSS)
Publication date:
29/11/2007
Last modified:
09/04/2025

Description

Multiple cross-site scripting (XSS) vulnerabilities in base_qry_main.php in Base Analysis and Security Engine (BASE) before 1.3.9 allow remote attackers to inject arbitrary web script or HTML via the (1) sig[0] and (2) sig[1] parameters.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:secureideas:basic_analysis_and_security_engine:*:*:*:*:*:*:*:* 1.3.8 (including)
cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.1:*:*:*:*:*:*:*
cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.1.2:*:*:*:*:*:*:*
cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.1.3:*:*:*:*:*:*:*
cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.1.4:*:*:*:*:*:*:*
cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.2:*:*:*:*:*:*:*
cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.3.5:*:*:*:*:*:*:*
cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.3.6:*:*:*:*:*:*:*