NVD

Id
51956  
Name
CVE-2009-4839  
Description
Multiple cross-site scripting (XSS) vulnerabilities in Basic Analysis and Security Engine (BASE), possibly 1.4.4 and earlier, allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to (1) admin/base_roleadmin.php, (2) admin/base_useradmin.php, (3) base_conf_contents.php, (4) base_qry_sqlcalls.php, and (5) base_ag_main.php.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-01-07  
Published
2010-05-06  
Modified Date
2012-07-03  
Seq
2009-4839  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
262742 51956 CVE-2009-4839 http://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/admin/base_roleadmin.php?view=log  View
262743 51956 CVE-2009-4839 http://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/admin/base_useradmin.php?view=log  View
262744 51956 CVE-2009-4839 http://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/base_ag_main.php?view=log  View
262745 51956 CVE-2009-4839 http://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/base_conf_contents.php?view=log  View
262746 51956 CVE-2009-4839 http://secureideas.cvs.sourceforge.net/viewvc/secureideas/base-php4/base_qry_sqlcalls.php?view=log  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
37939 JVNDB-2010-003724 BASE におけるクロスサイトスクリプティングの脆弱性 Basic Analysis and Security Engine (BASE) には、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2009-4839 42270 CVE-2009-4839 51956 4.3 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-003724.html 2010-05-06 2012-06-26 View