CVE-2010-2697

Sijio Community Software - Authenticated Stored Cross-Site Scripting via Blog Title Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-2697. PoCs published by Sid3^effects.

AI-analyzed exploit summary This is a technical writeup detailing SQL injection and persistent XSS vulnerabilities in Sijio Community Software. It provides attack patterns, demo URLs, and steps to exploit the vulnerabilities but does not include functional exploit code.

Description

Cross-site scripting (XSS) vulnerability in Sijio Community Software allows remote authenticated users to inject arbitrary web script or HTML via the title parameter when adding a new blog, related to edit_blog/index.php. NOTE: some of these details are obtained from third party information.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Sid3^effects · textwebappsphp
https://www.exploit-db.com/exploits/14260

This is a technical writeup detailing SQL injection and persistent XSS vulnerabilities in Sijio Community Software. It provides attack patterns, demo URLs, and steps to exploit the vulnerabilities but does not include functional exploit code.

Classification
Writeup 90%
Attack Type
Sqli | Xss
Complexity
Trivial
Reliability
Reliable
Target: Sijio Community Software
Auth required
Prerequisites: Access to the target application · User registration for XSS exploitation
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (5)

Core 5
Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/14260
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/60176
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/66154
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/1766
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/40492

Scores

EPSS 0.0134
EPSS Percentile 67.4%

Details

CWE
CWE-79
Status published
Products (1)
sijio/community_software
Published Jul 12, 2010
Tracked Since Feb 18, 2026