2daybiz Video Community Portal Script SQL Injection and Cross Site Scripting Vulnerabilities

2daybiz Video Community Portal Script SQL Injection and Cross Site Scripting Vulnerabilities

Attackers can use a browser to exploit these issues. To exploit a cross-site scripting vulnerability, the attacker must entice a victim to follow a malicious URI.

The following example URIs are available:

http://www.example.com/video.php?videoid=[sqli]
http://www.example.com/video.php?videoid=[xss]