CVE-2010-2458

2daybiz Video Community Portal Script - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in video.php in 2daybiz Video Community Portal Script 1.0 allows remote attackers to inject arbitrary web script or HTML via the videoid parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by L0rd CrusAd3r · textwebappsphp

https://www.exploit-db.com/exploits/13970

View Code ZIP pw:eip

References (6)

[Exploit] http://packetstormsecurity.org/1006-exploits/2daybizvcp-sql.txt

[Vendor Advisory] http://secunia.com/advisories/40280

[Exploit] http://www.exploit-db.com/exploits/13970

[Exploit] http://www.securityfocus.com/bid/41022

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/59639

[Third Party Advisory, VDB Entry] http://osvdb.org/65669

Scores

EPSS 0.0409

EPSS Percentile 88.4%

Classification

CWE

CWE-79

Status draft

Affected Products (1)

2daybiz/video_community_portal_script

Timeline

Published Jun 25, 2010

Tracked Since Feb 18, 2026