CVE-2010-2459
2daybiz Video Community Portal Script 1.0 - SQL Injection via videoid Parameter
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2010-2459. PoCs published by L0rd CrusAd3r.
AI-analyzed exploit summary The exploit describes SQL injection and XSS vulnerabilities in 2daybiz Video Community portal version 1. It provides demo URLs and payloads but lacks functional exploit code.
Description
SQL injection vulnerability in video.php in 2daybiz Video Community Portal Script 1.0 allows remote attackers to execute arbitrary SQL commands via the videoid parameter.
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by L0rd CrusAd3r · textwebappsphp
https://www.exploit-db.com/exploits/13970
The exploit describes SQL injection and XSS vulnerabilities in 2daybiz Video Community portal version 1. It provides demo URLs and payloads but lacks functional exploit code.
Classification
Writeup 90%
Attack Type
Sqli | Xss
Complexity
Trivial
Reliability
Theoretical
Target:
2daybiz Video Community portal v1
No auth needed
Prerequisites:
Access to the vulnerable web application
devstral-2 · analyzed Feb 18, 2026
Full analysis →
References (5)
Core 5
Core References
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/13970
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/59638
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/65810
Exploit x_refsource_misc
http://packetstormsecurity.org/1006-exploits/2daybizvcp-sql.txt
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/41022
Scores
EPSS
0.0100
EPSS Percentile
58.1%
Details
CWE
CWE-89
Status
published
Products (1)
2daybiz/video_community_portal_script
1.0
Published
Jun 25, 2010
Tracked Since
Feb 18, 2026