CVE-2007-6156
Base Analysis and Security Engine <1.3.9 - XSS
Title source: llmDescription
Multiple cross-site scripting (XSS) vulnerabilities in base_qry_main.php in Base Analysis and Security Engine (BASE) before 1.3.9 allow remote attackers to inject arbitrary web script or HTML via the (1) sig[0] and (2) sig[1] parameters.
References (6)
Scores
EPSS
0.0051
EPSS Percentile
66.0%
Classification
CWE
CWE-79
Status
draft
Affected Products (15)
secureideas/basic_analysis_and_security_engine
< 1.3.8
secureideas/basic_analysis_and_security_engine
secureideas/basic_analysis_and_security_engine
secureideas/basic_analysis_and_security_engine
secureideas/basic_analysis_and_security_engine
secureideas/basic_analysis_and_security_engine
secureideas/basic_analysis_and_security_engine
secureideas/basic_analysis_and_security_engine
secureideas/basic_analysis_and_security_engine
secureideas/basic_analysis_and_security_engine
secureideas/basic_analysis_and_security_engine
secureideas/basic_analysis_and_security_engine
secureideas/basic_analysis_and_security_engine
secureideas/basic_analysis_and_security_engine
secureideas/basic_analysis_and_security_engine
Timeline
Published
Nov 29, 2007
Tracked Since
Feb 18, 2026