CVE-2010-2696

Sijio Community Software - SQL Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-2696. PoCs published by Sid3^effects.

AI-analyzed exploit summary This is a technical writeup detailing SQL injection and persistent XSS vulnerabilities in Sijio Community Software. It provides attack patterns, demo URLs, and steps to exploit the vulnerabilities but does not include functional exploit code.

Description

SQL injection vulnerability in gallery/index.php in Sijio Community Software allows remote attackers to execute arbitrary SQL commands via the parent parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Sid3^effects · textwebappsphp
https://www.exploit-db.com/exploits/14260

This is a technical writeup detailing SQL injection and persistent XSS vulnerabilities in Sijio Community Software. It provides attack patterns, demo URLs, and steps to exploit the vulnerabilities but does not include functional exploit code.

Classification
Writeup 90%
Attack Type
Sqli | Xss
Complexity
Trivial
Reliability
Reliable
Target: Sijio Community Software
Auth required
Prerequisites: Access to the target application · User registration for XSS exploitation
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/66155
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/14260
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/60177
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1766

Scores

EPSS 0.0097
EPSS Percentile 57.2%

Details

CWE
CWE-89
Status published
Products (1)
sijio/community_software
Published Jul 12, 2010
Tracked Since Feb 18, 2026