RSS   Vulnerabilities for 'Xedus'   RSS

2004-08-30
 
CVE-2004-1646

 

 
Directory traversal vulnerability in Xedus 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.

 
 
CVE-2004-1645

 

 
Cross-site scripting (XSS) vulnerability in Xedus 1.0 allows remote attackers to execute arbitrary web script or HTML via the (1) username parameter to test.x, (2) username parameter to TestServer.x, or (3) param parameter to testgetrequest.x.

 
 
CVE-2004-1644

 

 
Xedus 1.0 allows remote attackers to cause a denial of service (refuse connections) by connecting multiple times from the same IP address.

 


Copyright 2024, cxsecurity.com

 

Back to Top