Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the PrintFreshPage function in (1) Basic Analysis and Security Engine (BASE) 1.2.4 and (2) Analysis Console for Intrusion Databases (ACID) 0.9.6b23 allows remote attackers to inject arbitrary web script or HTML via the (a) back parameter to base_graph_main.php, (b) netmask parameter to base_stat_ipaddr.php, or (c) submit parameter to base_qry_alert.php within BASE, or (d) query string to acid_main.php in ACID, which causes the request URI ($_SERVER['REQUEST_URI']) to be inserted into a refresh operation.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Basic Analysis and Security Engine rintFreshPage 跨站脚本漏洞
Vulnerability Description
通过BASE中的(a)到base_graph_main.php的back参数,(b)到base_stat_ipaddr.php的netmask参数,或者(c)到base_qry_alter.php的submit参数,或者(d)ACID中到acid_main.php的query字符串,(1)基本分析和安全引擎(BASE)1.2.4和(2)入侵数据库的分析控制台(ACID)0.9.6b23可让远程攻击者注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A