ID CVE-2004-1645
Summary Cross-site scripting (XSS) vulnerability in Xedus 1.0 allows remote attackers to execute arbitrary web script or HTML via the (1) username parameter to test.x, (2) username parameter to TestServer.x, or (3) param parameter to testgetrequest.x.
References
Vulnerable Configurations
  • cpe:2.3:a:jerod_moemeka:xedus:1.0
    cpe:2.3:a:jerod_moemeka:xedus:1.0
CVSS
Base: 4.3 (as of 31-05-2005 - 21:24)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
exploit-db via4
  • description Xedus Web Server 1.0 test.x username Parameter XSS. CVE-2004-1645. Remote exploit for windows platform
    id EDB-ID:24417
    last seen 2016-02-02
    modified 2004-09-30
    published 2004-09-30
    reporter James Bercegay
    source https://www.exploit-db.com/download/24417/
    title Xedus Web Server 1.0 test.x username Parameter XSS
  • description Xedus Web Server 1.0 testgetrequest.x username Parameter XSS. CVE-2004-1645. Remote exploit for windows platform
    id EDB-ID:24418
    last seen 2016-02-02
    modified 2004-09-30
    published 2004-09-30
    reporter James Bercegay
    source https://www.exploit-db.com/download/24418/
    title Xedus Web Server 1.0 testgetrequest.x username Parameter XSS
nessus via4
NASL family Peer-To-Peer File Sharing
NASL id XEDUS_XSS.NASL
description The remote host runs Xedus Peer-to-Peer web server. This version is vulnerable to cross-site scripting attacks. With a specially crafted URL, an attacker can cause arbitrary code execution resulting in a loss of integrity.
last seen 2019-02-21
modified 2018-08-07
plugin id 14647
published 2004-09-03
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=14647
title Xedus Webserver Multiple XSS
refmap via4
bid 11071
bugtraq 20040830 Multiple Vulnerabilities In Xedus Webserver
misc http://www.gulftech.org/?node=research&article_id=00047-08302004
secunia 12418
xf xedus-test-xss(17166)
Last major update 17-10-2016 - 22:58
Published 30-08-2004 - 00:00
Last modified 10-07-2017 - 21:31
Back to Top