CVE-2010-2610

2daybiz Job Site Script - SQL Injection via jid, job_iid, or left_cat Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-2610. PoCs published by Sangteamtham.

AI-analyzed exploit summary This is a writeup describing SQL injection vulnerabilities in 2daybiz Job site Script. It provides URLs with injection points but does not include executable exploit code.

Description

Multiple SQL injection vulnerabilities in 2daybiz Job Site Script allow remote attackers to execute arbitrary SQL commands via the (1) jid parameter to view_current_job.php, (2) job_iid parameter to show_search_more.php, and (3) left_cat parameter to show_search_result.php.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Sangteamtham · textwebappsphp

https://www.exploit-db.com/exploits/14025

View Code ZIP pw:eip

This is a writeup describing SQL injection vulnerabilities in 2daybiz Job site Script. It provides URLs with injection points but does not include executable exploit code.

Classification

Writeup 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Theoretical

Target: 2daybiz Job site Script

No auth needed

Prerequisites: access to the vulnerable web application

MITRE ATT&CK