CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-4837

Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis and Security Engine (BASE) before 1.4.3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) sig[1] parameter to base/base_qry_main.php, or the time[0][1] parameter to (2) base/base_stat_alerts.php or (3) base/base_stat_uaddr.php. NOTE: some of these details are obtained from third party information.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 51.7%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2009-4837

Secureideas » Basic Analysis And Security Engine » Version: 1.1

cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.1
Secureideas » Basic Analysis And Security Engine » Version: 1.1.2

cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.1.2
Secureideas » Basic Analysis And Security Engine » Version: 1.1.3

cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.1.3
Secureideas » Basic Analysis And Security Engine » Version: 1.1.4

cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.1.4
Secureideas » Basic Analysis And Security Engine » Version: 1.2

cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.2
Secureideas » Basic Analysis And Security Engine » Version: 1.2.0

cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.2.0
Secureideas » Basic Analysis And Security Engine » Version: 1.2.1

cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.2.1
Secureideas » Basic Analysis And Security Engine » Version: 1.2.2

cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.2.2
Secureideas » Basic Analysis And Security Engine » Version: 1.2.4

cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.2.4
Secureideas » Basic Analysis And Security Engine » Version: 1.2.5

cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.2.5
Secureideas » Basic Analysis And Security Engine » Version: 1.2.6

cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.2.6
Secureideas » Basic Analysis And Security Engine » Version: 1.2.7

cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.2.7
Secureideas » Basic Analysis And Security Engine » Version: 1.3.5

cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.3.5
Secureideas » Basic Analysis And Security Engine » Version: 1.3.6

cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.3.6
Secureideas » Basic Analysis And Security Engine » Version: 1.3.8

cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.3.8
Secureideas » Basic Analysis And Security Engine » Version: 1.3.9

cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.3.9
Secureideas » Basic Analysis And Security Engine » Version: 1.4.3

cpe:2.3:a:secureideas:basic_analysis_and_security_engine:1.4.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2009-4837

Products

Pricing

Contact Us