CVE-2010-2099
e107 - Code Exection
Severity Score
7.5
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
3
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
bbcode/php.bb in e107 0.7.20 and earlier does not perform access control checks for all inputs that could contain the php bbcode tag, which allows remote attackers to execute arbitrary PHP code, as demonstrated using the toEmail method in contact.php, related to invocations of the toHTML method.
bbcode/php.bb en e107 v0.7.20 y anteriores, no realiza una validación del control de acceso para las entradas que podrían contener la etiqueta php "bbcode", lo que permite a atacantes remotos ejecutar código PHP de su elección, como se ha demostrado empleando el método toEmail en contact.php. Relacionado con la invocación del método toHTML.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2010-05-24 First Exploit
- 2010-05-27 CVE Reserved
- 2010-05-27 CVE Published
- 2024-09-17 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (3)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/12715 | 2010-05-24 | |
| http://php-security.org/2010/05/19/mops-2010-035-e107-bbcode-remote-php-code-execution-vulnerability/index.html | 2024-09-17 | |
| http://www.securityfocus.com/bid/40252 | 2024-09-17 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | <= 0.7.20 Search vendor "E107" for product "E107" and version " <= 0.7.20" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.6_10 Search vendor "E107" for product "E107" and version "0.6_10" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.6_11 Search vendor "E107" for product "E107" and version "0.6_11" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.6_12 Search vendor "E107" for product "E107" and version "0.6_12" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.6_13 Search vendor "E107" for product "E107" and version "0.6_13" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.6_14 Search vendor "E107" for product "E107" and version "0.6_14" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.6_15 Search vendor "E107" for product "E107" and version "0.6_15" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.6_15a Search vendor "E107" for product "E107" and version "0.6_15a" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.7 Search vendor "E107" for product "E107" and version "0.7" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.7.0 Search vendor "E107" for product "E107" and version "0.7.0" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.7.1 Search vendor "E107" for product "E107" and version "0.7.1" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.7.2 Search vendor "E107" for product "E107" and version "0.7.2" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.7.3 Search vendor "E107" for product "E107" and version "0.7.3" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.7.4 Search vendor "E107" for product "E107" and version "0.7.4" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.7.5 Search vendor "E107" for product "E107" and version "0.7.5" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.7.6 Search vendor "E107" for product "E107" and version "0.7.6" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.7.7 Search vendor "E107" for product "E107" and version "0.7.7" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.7.8 Search vendor "E107" for product "E107" and version "0.7.8" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.7.9 Search vendor "E107" for product "E107" and version "0.7.9" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.7.10 Search vendor "E107" for product "E107" and version "0.7.10" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.7.11 Search vendor "E107" for product "E107" and version "0.7.11" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.7.12 Search vendor "E107" for product "E107" and version "0.7.12" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.7.13 Search vendor "E107" for product "E107" and version "0.7.13" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.7.14 Search vendor "E107" for product "E107" and version "0.7.14" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.7.15 Search vendor "E107" for product "E107" and version "0.7.15" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.7.16 Search vendor "E107" for product "E107" and version "0.7.16" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.7.17 Search vendor "E107" for product "E107" and version "0.7.17" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.7.18 Search vendor "E107" for product "E107" and version "0.7.18" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.7.19 Search vendor "E107" for product "E107" and version "0.7.19" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.545 Search vendor "E107" for product "E107" and version "0.545" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.547 Search vendor "E107" for product "E107" and version "0.547" | beta |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.548 Search vendor "E107" for product "E107" and version "0.548" | beta |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.549 Search vendor "E107" for product "E107" and version "0.549" | beta |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.551 Search vendor "E107" for product "E107" and version "0.551" | beta |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.552 Search vendor "E107" for product "E107" and version "0.552" | beta |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.553 Search vendor "E107" for product "E107" and version "0.553" | beta |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.554 Search vendor "E107" for product "E107" and version "0.554" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.554 Search vendor "E107" for product "E107" and version "0.554" | beta |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.555 Search vendor "E107" for product "E107" and version "0.555" | beta |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.600 Search vendor "E107" for product "E107" and version "0.600" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.601 Search vendor "E107" for product "E107" and version "0.601" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.602 Search vendor "E107" for product "E107" and version "0.602" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.603 Search vendor "E107" for product "E107" and version "0.603" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.604 Search vendor "E107" for product "E107" and version "0.604" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.605 Search vendor "E107" for product "E107" and version "0.605" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.606 Search vendor "E107" for product "E107" and version "0.606" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.607 Search vendor "E107" for product "E107" and version "0.607" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.608 Search vendor "E107" for product "E107" and version "0.608" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.609 Search vendor "E107" for product "E107" and version "0.609" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.610 Search vendor "E107" for product "E107" and version "0.610" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.611 Search vendor "E107" for product "E107" and version "0.611" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.612 Search vendor "E107" for product "E107" and version "0.612" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.613 Search vendor "E107" for product "E107" and version "0.613" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.614 Search vendor "E107" for product "E107" and version "0.614" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.615 Search vendor "E107" for product "E107" and version "0.615" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.615a Search vendor "E107" for product "E107" and version "0.615a" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.616 Search vendor "E107" for product "E107" and version "0.616" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.617 Search vendor "E107" for product "E107" and version "0.617" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.6171 Search vendor "E107" for product "E107" and version "0.6171" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.6172 Search vendor "E107" for product "E107" and version "0.6172" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.6173 Search vendor "E107" for product "E107" and version "0.6173" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.6174 Search vendor "E107" for product "E107" and version "0.6174" | - |
Affected
| ||||||
| E107 Search vendor "E107" | E107 Search vendor "E107" for product "E107" | 0.6175 Search vendor "E107" for product "E107" and version "0.6175" | - |
Affected
| ||||||