CVE-2004-2076

EIP tracks 1 public exploit for CVE-2004-2076. PoCs published by Rafel Ivgi The-Insider.

AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in vBulletin's search.php script due to insufficient input sanitization. The PoC provides URLs with malicious script tags injected into the 'query' parameter, which execute arbitrary JavaScript in the context of the victim's browser.

Cross-site scripting (XSS) vulnerability in search.php for Jelsoft vBulletin 3.0.0 RC4 allows remote attackers to inject arbitrary web script or HTML via the query parameter.