CVE-2009-4839

Published: May 6, 2010Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis and Security Engine (BASE), possibly 1.4.4 and earlier, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) admin/base_roleadmin.php, (2) admin/base_useradmin.php, (3) base_conf_contents.php, (4) base_qry_sqlcalls.php, and (5) base_ag_main.php.

Affected (18)

Products: Secureideas: Basic Analysis And Security Engine

Secureideas

1 product

Basic Analysis And Security Engine

Configuration A

18 vulnerable

Vulnerable Software	Affected Versions
Secureideas Basic Analysis And Security Engine	Up to 1.4.4
Secureideas Basic Analysis And Security Engine	Version 1.1.2
Secureideas Basic Analysis And Security Engine	Version 1.1.3
Secureideas Basic Analysis And Security Engine	Version 1.1.4
Secureideas Basic Analysis And Security Engine	Version 1.1
Secureideas Basic Analysis And Security Engine	Version 1.2.0
Secureideas Basic Analysis And Security Engine	Version 1.2.1
Secureideas Basic Analysis And Security Engine	Version 1.2.2
Secureideas Basic Analysis And Security Engine	Version 1.2.4
Secureideas Basic Analysis And Security Engine	Version 1.2.5
Secureideas Basic Analysis And Security Engine	Version 1.2.6
Secureideas Basic Analysis And Security Engine	Version 1.2.7
Secureideas Basic Analysis And Security Engine	Version 1.2
Secureideas Basic Analysis And Security Engine	Version 1.3.5
Secureideas Basic Analysis And Security Engine	Version 1.3.6
Secureideas Basic Analysis And Security Engine	Version 1.3.8
Secureideas Basic Analysis And Security Engine	Version 1.3.9
Secureideas Basic Analysis And Security Engine	Version 1.4.3