CVE-2004-2566

EIP tracks 1 public exploit for CVE-2004-2566. PoCs published by GulfTech Security.

AI-analyzed exploit summary This is a writeup describing a Cross-Site Scripting (XSS) vulnerability in multiple LiveWorld products. It includes proof-of-concept URLs demonstrating the vulnerability but does not contain executable exploit code.

Multiple cross-site scripting (XSS) vulnerabilities in LiveWorld products, possibly including (1) LiveForum, (2) LiveQ&A, (3) LiveChat, and (4) LiveFocusGroup, allow remote attackers to inject arbitrary web script or HTML via the q parameter in (a) search.jsp, (b) findclub!execute.jspa, and (c) search!execute.jspa.