Description
Multiple cross-site scripting (XSS) vulnerabilities in 2daybiz Web Template Software allow remote attackers to inject arbitrary web script or HTML via the (1) keyword parameter to category.php and the (2) password parameter to memberlogin.php.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Sangteamtham · textwebappsphp
https://www.exploit-db.com/exploits/14020
References (2)
Core 2
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/40348
Exploit exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/14020
Scores
EPSS
0.0031
EPSS Percentile
54.4%
Details
CWE
CWE-79
Status
published
Products (1)
2daybiz/web_template_software
Published
Jun 28, 2010
Tracked Since
Feb 18, 2026