CVE-2012-1199

Basic Analysis and Security Engine 1.4.5 - Remote Code Execution via PHP File Inclusion

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 38 public exploits for CVE-2012-1199. PoCs published by indoushka.

AI-analyzed exploit summary The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. It includes a generic exploit URL but lacks functional exploit code.

Description

Multiple PHP remote file inclusion vulnerabilities in Basic Analysis and Security Engine (BASE) 1.4.5 allow remote attackers to execute arbitrary PHP code via a URL in the (1) BASE_path parameter to base_ag_main.php, (2) base_db_setup.php, (3) base_graph_common.php, (4) base_graph_display.php, (5) base_graph_form.php, (6) base_graph_main.php, (7) base_local_rules.php, (8) base_logout.php, (9) base_main.php, (10) base_maintenance.php, (11) base_payload.php, (12) base_qry_alert.php, (13) base_qry_common.php, (14) base_qry_main.php, (15) base_stat_alerts.php, (16) base_stat_class.php, (17) base_stat_common.php, (18) base_stat_ipaddr.php, (19) base_stat_iplink.php, (20) base_stat_ports.php, (21) base_stat_sensor.php, (22) base_stat_time.php, (23) base_stat_uaddr.php, (24) base_user.php, (25) index.php, (26) admin/base_roleadmin.php, (27) admin/base_useradmin.php, (28) admin/index.php, (29) help/base_setup_help.php, (30) includes/base_action.inc.php, (31) includes/base_cache.inc.php, (32) includes/base_db.inc.php, (33) includes/base_db.inc.php, (34) includes/base_include.inc.php, (35) includes/base_output_html.inc.php, (36) includes/base_output_query.inc.php, (37) includes/base_state_criteria.inc.php, (38) includes/base_state_query.inc.php or (39) setup/base_conf_contents.php; (40) GLOBALS[user_session_path] parameter to includes/base_state_common.inc.php; (41) BASE_Language parameter to setup/base_conf_contents.php; or (42) ado_inc_php parameter to setup/setup2.php.

Exploits (38)

exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36757

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. It includes a generic exploit URL but lacks functional exploit code.

Classification
Writeup 80%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36755

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. It includes a generic exploit URL but lacks executable code or detailed technical steps.

Classification
Writeup 80%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target BASE application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36754

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. It includes a generic exploit URL but lacks functional exploit code.

Classification
Writeup 80%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target BASE application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36753

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. It includes a generic exploit URL example but lacks actual exploit code or technical details for execution.

Classification
Writeup 80%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target BASE application · Ability to craft malicious URLs
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36752

The provided text describes a security-bypass and remote file-include vulnerability in BASE 1.4.5, but does not include functional exploit code. It references a URL parameter manipulation for exploitation.

Classification
Writeup 80%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36732

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. It includes a generic exploit URL but lacks functional exploit code.

Classification
Writeup 80%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36731

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. It includes a generic exploit URL but lacks actual exploit code or technical details.

Classification
Writeup 80%
Attack Type
Info Leak | Auth Bypass
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target BASE installation
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36730

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. It includes a generic exploit URL but lacks actual exploit code or technical details.

Classification
Writeup 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target BASE application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36729

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. It includes a generic exploit URL but lacks actual exploit code or technical details.

Classification
Writeup 80%
Attack Type
Info Leak | Auth Bypass
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target BASE application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36728

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. It includes a generic exploit URL but lacks functional exploit code.

Classification
Writeup 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target BASE application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36727

The provided text describes a security-bypass and remote file-include vulnerability in BASE 1.4.5, but does not include functional exploit code. It references a URL parameter manipulation for potential exploitation.

Classification
Writeup 80%
Attack Type
Info Leak | Auth Bypass
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target web application · Ability to manipulate URL parameters
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36726

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. It includes a generic exploit URL but lacks actual exploit code or technical details.

Classification
Writeup 80%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36725

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. It includes a generic exploit URL but lacks actual exploit code or technical details.

Classification
Writeup 80%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target URL · BASE software installed and running
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36711

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. It includes a generic exploit URL but lacks actual exploit code or technical details.

Classification
Writeup 80%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target BASE application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36710

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. It includes a generic exploit URL but lacks actual exploit code or technical details for execution.

Classification
Writeup 80%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target BASE application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36709

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. The exploit involves manipulating the 'BASE_path' parameter in 'base_main.php' to include arbitrary files, potentially leading to unauthorized access or code execution.

Classification
Writeup 80%
Attack Type
Info Leak | Auth Bypass
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target web application · Knowledge of the vulnerable parameter
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36708

The exploit describes a remote file inclusion vulnerability in BASE 1.4.5 via the 'BASE_path' parameter in 'base_logout.php'. It allows an attacker to include arbitrary files, potentially leading to unauthorized access or code execution.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the vulnerable BASE installation
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36707

The provided text describes a security-bypass and remote file-include vulnerability in BASE 1.4.5, where an attacker can exploit the 'BASE_path' parameter in 'base_local_rules.php' to include arbitrary files. The exploit URL is provided as a proof-of-concept.

Classification
Writeup 80%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target URL
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36706

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. The advisory includes a reference to an exploit URL but lacks actual exploit code.

Classification
Writeup 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36705

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. The advisory includes a reference to a vulnerable function and a sample exploit URL but lacks executable exploit code.

Classification
Writeup 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the vulnerable BASE installation
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36704

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. The exploit involves manipulating the 'BASE_path' parameter in 'base_graph_display.php' to include arbitrary files.

Classification
Writeup 80%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36703

The provided text describes a security-bypass and remote file-include vulnerability in BASE 1.4.5, where an attacker can exploit the 'BASE_path' parameter in 'base_graph_common.php' to include arbitrary files. No actual exploit code is present, only a description and an example URL.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target URL · BASE 1.4.5 installed on the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36702

The provided text describes a security-bypass and remote file-include vulnerability in BASE 1.4.5, but does not include functional exploit code. It references a vulnerable parameter in `base_db_setup.php` without demonstrating exploitation.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the vulnerable BASE installation
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36724

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. It includes a generic exploit URL example but lacks actual exploit code or technical details.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target BASE application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36723

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. It includes a generic exploit URL example but lacks actual exploit code or technical details for execution.

Classification
Writeup 80%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36721

The provided text describes a security-bypass and remote file-include vulnerability in BASE 1.4.5. It includes a generic exploit URL but lacks actual exploit code or technical details for execution.

Classification
Writeup 80%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target BASE installation
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36720

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. It includes a generic exploit URL but lacks actual exploit code or technical details.

Classification
Writeup 80%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36719

The provided text describes a vulnerability in BASE (Basic Analysis and Security Engine) version 1.4.5, which includes a security bypass and remote file inclusion vulnerabilities. The exploit URL demonstrates a path traversal attack via the 'BASE_path' parameter.

Classification
Writeup 80%
Attack Type
Info Leak | Auth Bypass
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the vulnerable BASE web interface
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36722

The exploit describes a security-bypass and remote file-include vulnerability in BASE 1.4.5. It provides a URL example demonstrating how an attacker can manipulate the 'user_session_path' parameter to include arbitrary files.

Classification
Writeup 80%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36718

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. It includes a generic exploit URL but lacks actual exploit code or technical details.

Classification
Writeup 80%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target BASE installation
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36717

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. It includes a generic exploit URL but lacks actual exploit code or technical details.

Classification
Writeup 80%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36716

The provided text describes a vulnerability in BASE (Basic Analysis and Security Engine) version 1.4.5, which includes a security bypass and remote file inclusion vulnerabilities. The exploit URL demonstrates how an attacker could manipulate the 'BASE_path' parameter to include arbitrary files.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36715

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. It includes a generic exploit URL but lacks functional exploit code.

Classification
Writeup 80%
Attack Type
Info Leak | Auth Bypass
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36714

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. It includes a generic exploit URL but lacks actual exploit code or technical details for execution.

Classification
Writeup 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target BASE installation
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36713

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. It includes a generic exploit URL but lacks actual exploit code or technical details for execution.

Classification
Writeup 80%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target BASE web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36712

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. It includes a generic exploit URL but lacks actual exploit code or technical details.

Classification
Writeup 80%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target web application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36759

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. It includes a generic exploit URL example but lacks actual exploit code or technical details.

Classification
Writeup 80%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target BASE application
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/36758

The provided text describes a security advisory for BASE (Basic Analysis and Security Engine) version 1.4.5, highlighting a security-bypass vulnerability and multiple remote file-include vulnerabilities. It includes a generic exploit URL but lacks actual exploit code or technical details for execution.

Classification
Writeup 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Theoretical
Target: BASE 1.4.5
No auth needed
Prerequisites: Access to the target BASE installation
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/51979
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/73200

Scores

EPSS 0.0348
EPSS Percentile 87.6%

Details

CWE
CWE-94
Status published
Products (1)
secureideas/basic_analysis_and_security_engine 1.4.5
Published Feb 18, 2012
Tracked Since Feb 18, 2026