CVE-2010-2458
2daybiz Video Community Portal Script 1.0 - Cross-Site Scripting via videoid Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2010-2458. PoCs published by L0rd CrusAd3r.
AI-analyzed exploit summary The exploit describes SQL injection and XSS vulnerabilities in 2daybiz Video Community portal version 1. It provides demo URLs and payloads but lacks functional exploit code.
Description
Cross-site scripting (XSS) vulnerability in video.php in 2daybiz Video Community Portal Script 1.0 allows remote attackers to inject arbitrary web script or HTML via the videoid parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by L0rd CrusAd3r · textwebappsphp
https://www.exploit-db.com/exploits/13970
The exploit describes SQL injection and XSS vulnerabilities in 2daybiz Video Community portal version 1. It provides demo URLs and payloads but lacks functional exploit code.
Classification
Writeup 90%
Attack Type
Sqli | Xss
Complexity
Trivial
Reliability
Theoretical
Target:
2daybiz Video Community portal v1
No auth needed
Prerequisites:
Access to the vulnerable web application
devstral-2 · analyzed Feb 18, 2026
Full analysis →
References (6)
Core 6
Core References
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/13970
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/65669
Exploit x_refsource_misc
http://packetstormsecurity.org/1006-exploits/2daybizvcp-sql.txt
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/59639
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/40280
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/41022
Scores
EPSS
0.0172
EPSS Percentile
74.5%
Details
CWE
CWE-79
Status
published
Products (1)
2daybiz/video_community_portal_script
1.0
Published
Jun 25, 2010
Tracked Since
Feb 18, 2026