Vulnerabilities > CVE-2004-2017 - Unspecified vulnerability in Turbotraffictrader C 1.0

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
turbotraffictrader
exploit available

Summary

Multiple cross-site scripting (XSS) vulnerabilities in Turbo Traffic Trader C (TTT-C) 1.0 allow remote attackers to inject arbitrary HTML or web script, as demonstrated via (1) the link parameter to ttt-out, (2) the X-Forwarded-For header in a GET request to ttt-in, (3) the Referer header in a GET request to ttt-in, or the (4) site name or (5) site URL fields in the main control panel.

Vulnerable Configurations

Part Description Count
Application
Turbotraffictrader
1

Exploit-Db

descriptionTurboTrafficTrader C 1.0 Multiple Cross-Site Scripting and HTML Injection Vulnerabilities. CVE-2004-2017. Webapps exploit for cgi platform
idEDB-ID:24122
last seen2016-02-02
modified2004-05-17
published2004-05-17
reporterKaloyan Olegov Georgiev
sourcehttps://www.exploit-db.com/download/24122/
titleTurboTrafficTrader C 1.0 - Multiple Cross-Site Scripting and HTML Injection Vulnerabilities