Exploitation Summary
EIP tracks 1 public exploit for CVE-2010-1092. PoCs published by Crux.
AI-analyzed exploit summary This is a writeup describing a SQL injection vulnerability in Scripts Feed Business Directory's login.php. The POST variables 'us' and 'ps' are identified as vulnerable, but no actual exploit code is provided.
Description
Multiple SQL injection vulnerabilities in login.php in ScriptsFeed Business Directory Software allow remote attackers to execute arbitrary SQL commands via the (1) us and (2) ps parameters.
Exploits (1)
exploitdb
WRITEUP
by Crux · textwebappsphp
https://www.exploit-db.com/exploits/11592
This is a writeup describing a SQL injection vulnerability in Scripts Feed Business Directory's login.php. The POST variables 'us' and 'ps' are identified as vulnerable, but no actual exploit code is provided.
Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target:
Scripts Feed Business Directory ALL
No auth needed
Prerequisites:
Access to the login.php endpoint
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/56570
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/38771
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0494
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/11592
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/62626
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/38470
Scores
EPSS
0.0115
EPSS Percentile
62.8%
Details
CWE
CWE-89
Status
published
Products (1)
scriptsfeed/business_directory_software
Published
Mar 24, 2010
Tracked Since
Feb 18, 2026