Description
Cross-site scripting (XSS) vulnerability in video.php in 2daybiz Video Community Portal Script 1.0 allows remote attackers to inject arbitrary web script or HTML via the videoid parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by L0rd CrusAd3r · textwebappsphp
https://www.exploit-db.com/exploits/13970
References (6)
Core 6
Core References
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/13970
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/65669
Exploit x_refsource_misc
http://packetstormsecurity.org/1006-exploits/2daybizvcp-sql.txt
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/59639
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/40280
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/41022
Scores
EPSS
0.0409
EPSS Percentile
88.6%
Details
CWE
CWE-79
Status
published
Products (1)
2daybiz/video_community_portal_script
1.0
Published
Jun 25, 2010
Tracked Since
Feb 18, 2026