CVE-2010-2610

Name of the Vulnerable Software and Affected Versions 2daybiz Job Site Script (affected versions not specified)

Description The issue allows remote attackers to execute arbitrary SQL commands. This is achieved through SQL injection vulnerabilities in multiple parameters, including the jid parameter to "view current job.php", the job iid parameter to "show search more.php", and the left cat parameter to "show search result.php".

Recommendations For 2daybiz Job Site Script, consider validating and sanitizing user input for the jid, job iid, and left cat parameters to prevent SQL injection attacks. As a temporary workaround, restrict access to the "view current job.php", "show search more.php", and "show search result.php" scripts until a patch is available. Avoid using the jid, job iid, and left cat parameters in the affected scripts until the issue is resolved.