CVE-2010-0366

BitScripts Bits Video Script 2.04-2.05 Gold Beta - Unauthenticated Arbitrary File Upload

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2010-0366. PoCs published by indoushka.

AI-analyzed exploit summary The provided text describes an arbitrary file upload vulnerability in Bits Video Script versions 2.04 and 2.05 Gold Beta. It lacks actual exploit code but details the vulnerability and affected versions.

Description

Multiple unrestricted file upload vulnerabilities in (1) register.php and (2) addvideo.php in BitScripts Bits Video Script 2.04 and 2.05 Gold Beta allow remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory.

Exploits (2)

exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/34120

The provided text describes an arbitrary file upload vulnerability in Bits Video Script versions 2.04 and 2.05 Gold Beta. It lacks actual exploit code but details the vulnerability and affected versions.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Theoretical
Target: Bits Video Script 2.04, 2.05 Gold Beta
No auth needed
Prerequisites: Access to the vulnerable register.php endpoint
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by indoushka · textwebappsphp
https://www.exploit-db.com/exploits/34119

The provided text describes an arbitrary file upload vulnerability in Bits Video Script versions 2.04 and 2.05 Gold Beta. It lacks actual exploit code but details the vulnerability and affected versions.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Theoretical
Target: Bits Video Script 2.04, 2.05 Gold Beta
No auth needed
Prerequisites: Access to the vulnerable endpoint (e.g., /Video/addvideo.php)
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/55738
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/38252
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/61826

Scores

EPSS 0.0354
EPSS Percentile 87.8%

Details

CWE
CWE-20
Status published
Products (2)
bitscripts/bits_video_script 2.04
bitscripts/bits_video_script 2.05 gold_beta
Published Jan 21, 2010
Tracked Since Feb 18, 2026