本ページは jerod_moemeka xedus に影響する公開済み CVE(NVD の CPE 経由で関連付け)を列挙します。各行に深刻度指標・概要・公開日が含まれます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2004-1646 | Directory traversal vulnerability in Xedus 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | [email protected] | 5.0 | 7.14% | 2004-08-30 | 2026-06-16 |
| CVE-2004-1645 | Cross-site scripting (XSS) vulnerability in Xedus 1.0 allows remote attackers to execute arbitrary web script or HTML via the (1) username parameter to test.x, (2) username parameter to TestServer.x, or (3) param parameter to testgetrequest.x. | [email protected] | 4.3 | 3.65% | 2004-08-30 | 2026-06-16 |
| CVE-2004-1644 | Xedus 1.0 allows remote attackers to cause a denial of service (refuse connections) by connecting multiple times from the same IP address. | [email protected] | 5.0 | 1.59% | 2004-08-30 | 2026-06-16 |