CVE-2010-2617

PHP Bible Search - Cross-Site Scripting via Chapter Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-2617. PoCs published by L0rd CrusAd3r.

AI-analyzed exploit summary The provided text describes SQL injection and XSS vulnerabilities in PHP Bible Search due to insufficient input sanitization. It includes a sample URL demonstrating the XSS vulnerability but lacks executable exploit code.

Description

Cross-site scripting (XSS) vulnerability in bible.php in PHP Bible Search allows remote attackers to inject arbitrary web script or HTML via the chapter parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by L0rd CrusAd3r · textwebappsphp
https://www.exploit-db.com/exploits/34214

The provided text describes SQL injection and XSS vulnerabilities in PHP Bible Search due to insufficient input sanitization. It includes a sample URL demonstrating the XSS vulnerability but lacks executable exploit code.

Classification
Writeup 80%
Attack Type
Xss | Sqli
Complexity
Trivial
Reliability
Theoretical
Target: PHP Bible Search (version not specified)
No auth needed
Prerequisites: Access to the vulnerable application
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/59843
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/41197

Scores

EPSS 0.0144
EPSS Percentile 70.3%

Details

CWE
CWE-79
Status published
Products (1)
paul_mcenery/php_bible_search 0.99
Published Jul 02, 2010
Tracked Since Feb 18, 2026