Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Apr 16, 2026

CVE-2004-2017

Description

Multiple cross-site scripting (XSS) vulnerabilities in Turbo Traffic Trader C (TTT-C) 1.0 allow remote attackers to inject arbitrary HTML or web script, as demonstrated via (1) the link parameter to ttt-out, (2) the X-Forwarded-For header in a GET request to ttt-in, (3) the Referer header in a GET request to ttt-in, or the (4) site name or (5) site URL fields in the main control panel.

Affected products

Turbotraffictrader/Turbotraffictrader C
cpe:2.3:a:turbotraffictrader:turbotraffictrader_c:1.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/10359nvdExploit
marc.infonvd
secunia.com/advisories/11623nvd
www.icefire.org/security/ttt-bugreport.txtnvd
www.osvdb.org/6339nvd
www.osvdb.org/6340nvd
www.osvdb.org/6341nvd
www.osvdb.org/6342nvd
www.osvdb.org/6343nvd
www.osvdb.org/6344nvd
exchange.xforce.ibmcloud.com/vulnerabilities/16164nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.007
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000