CVE-2004-2508
Linksys WVC11B - Cross-Site Scripting via next_file Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2004-2508. PoCs published by scriptX.
AI-analyzed exploit summary The exploit describes a cross-site scripting (XSS) vulnerability in Linksys Web Camera software version 2.10, where malicious script code can be injected via the 'next_file' parameter in the 'main.cgi' script. The provided example demonstrates a simple alert-based XSS payload.
Description
Cross-site scripting (XSS) vulnerability in main.cgi in Linksys WVC11B Wireless-B Internet Video Camera allows remote attackers to inject arbitrary web script or HTML via the next_file parameter.
Exploits (1)
The exploit describes a cross-site scripting (XSS) vulnerability in Linksys Web Camera software version 2.10, where malicious script code can be injected via the 'next_file' parameter in the 'main.cgi' script. The provided example demonstrates a simple alert-based XSS payload.