BASE

CVEs (2)

• CVE-2006-2685May 31, 2006
  BASE

  BASE
  risk 0.10cvss —epss 0.86

  PHP remote file inclusion vulnerability in Basic Analysis and Security Engine (BASE) 1.2.4 and earlier, with register_globals enabled, allows remote attackers to execute arbitrary PHP code via a URL in the BASE_path parameter to (1) base_qry_common.php, (2) base_stat_common.php,…

• CVE-2007-6156Nov 29, 2007
  BASE

  BASE
  risk 0.00cvss —epss 0.01

  Multiple cross-site scripting (XSS) vulnerabilities in base_qry_main.php in Base Analysis and Security Engine (BASE) before 1.3.9 allow remote attackers to inject arbitrary web script or HTML via the (1) sig[0] and (2) sig[1] parameters.