CVE-2010-2716

PsNews 1.3 - SQL Injection via id Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-2716. PoCs published by S.W.T.

AI-analyzed exploit summary This is a writeup describing SQL injection vulnerabilities in PsNews version 1.3. It provides URLs for exploitation but lacks actual exploit code or payloads.

Description

Multiple SQL injection vulnerabilities in PsNews 1.3 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) ndetail.php and (2) print.php.

Exploits (1)

exploitdb WRITEUP
by S.W.T · textwebappsphp
https://www.exploit-db.com/exploits/14251

This is a writeup describing SQL injection vulnerabilities in PsNews version 1.3. It provides URLs for exploitation but lacks actual exploit code or payloads.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target: PsNews 1.3
No auth needed
Prerequisites: access to the vulnerable web application
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/60129
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/41410
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/14251

Scores

EPSS 0.0097
EPSS Percentile 57.8%

Details

CWE
CWE-89
Status published
Products (1)
rich_kavanagh/psnews 1.3
Published Jul 13, 2010
Tracked Since Feb 18, 2026