CVE-2010-4934

Get Tube < 4.51 - SQL Injection via video.php id Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2010-4934. PoCs published by Mr.P3rfekT.

AI-analyzed exploit summary This is a writeup describing a SQL injection vulnerability in Get Tube versions 4.51 and earlier. It provides a proof-of-concept URL demonstrating the vulnerability but does not include executable exploit code.

Description

SQL injection vulnerability in video.php in Get Tube 4.51 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.

Exploits (1)

exploitdb WRITEUP

by Mr.P3rfekT · textwebappsphp

https://www.exploit-db.com/exploits/14637

View Code ZIP pw:eip

This is a writeup describing a SQL injection vulnerability in Get Tube versions 4.51 and earlier. It provides a proof-of-concept URL demonstrating the vulnerability but does not include executable exploit code.

Classification

Writeup 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: Get Tube 4.51 & All Versions

No auth needed

Prerequisites: Access to the vulnerable endpoint

MITRE ATT&CK

T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/14637

Scores

EPSS 0.0092

EPSS Percentile 55.8%

Details

CWE

CWE-89

Status published

Products (1)

svcreation/get_tube < 4.51

Published Oct 09, 2011

Tracked Since Feb 18, 2026