Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2010-2099

🗓️ 27 May 2010 22:00:00Reported by mitreType 
cve
 cve🔗 web.nvd.nist.gov👁 72 Views🌐 WEB

bbcode/php.bb in e107 0.7.20 and earlier does not perform access control checks for all inputs that could contain the php bbcode tag, which allows remote attackers to execute arbitrary PHP code

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
Circl		CVE-2010-2099
24 May 201000:00
circl
Check Point Advisories		E107 contact php Code Execution (CVE-2010-2099)
10 Nov 201400:00
checkpoint_advisories
Cvelist		CVE-2010-2099
27 May 201022:00
cvelist
Dsquare		e107 0.7.20 RCE
31 Jan 201200:00
dsquare
Tenable Nessus		e107 BBCode Arbitrary PHP Code Execution
21 May 201000:00
nessus
EUVD		EUVD-2010-2116
7 Oct 202500:30
euvd
NVD		CVE-2010-2099
27 May 201022:30
nvd
OpenVAS		e107 BBCode Arbitrary PHP Code Execution Vulnerability
25 May 201000:00
openvas
Prion		Design/Logic Flaw
27 May 201022:30
prion
RedhatCVE		CVE-2010-2099
22 May 202504:16
redhatcve
Rows per page
NVD
Node
e107e107Range0.7.20
OR
e107e107Match0.6_10
OR
e107e107Match0.6_11
OR
e107e107Match0.6_12
OR
e107e107Match0.6_13
OR
e107e107Match0.6_14
OR
e107e107Match0.6_15
OR
e107e107Match0.6_15a
OR
e107e107Match0.7
OR
e107e107Match0.7.0
OR
e107e107Match0.7.1
OR
e107e107Match0.7.2
OR
e107e107Match0.7.3
OR
e107e107Match0.7.4
OR
e107e107Match0.7.5
OR
e107e107Match0.7.6
OR
e107e107Match0.7.7
OR
e107e107Match0.7.8
OR
e107e107Match0.7.9
OR
e107e107Match0.7.10
OR
e107e107Match0.7.11
OR
e107e107Match0.7.12
OR
e107e107Match0.7.13
OR
e107e107Match0.7.14
OR
e107e107Match0.7.15
OR
e107e107Match0.7.16
OR
e107e107Match0.7.17
OR
e107e107Match0.7.18
OR
e107e107Match0.7.19
OR
e107e107Match0.545
OR
e107e107Match0.547beta
OR
e107e107Match0.548beta
OR
e107e107Match0.549beta
OR
e107e107Match0.551beta
OR
e107e107Match0.552beta
OR
e107e107Match0.553beta
OR
e107e107Match0.554
OR
e107e107Match0.554beta
OR
e107e107Match0.555beta
OR
e107e107Match0.600
OR
e107e107Match0.601
OR
e107e107Match0.602
OR
e107e107Match0.603
OR
e107e107Match0.604
OR
e107e107Match0.605
OR
e107e107Match0.606
OR
e107e107Match0.607
OR
e107e107Match0.608
OR
e107e107Match0.609
OR
e107e107Match0.610
OR
e107e107Match0.611
OR
e107e107Match0.612
OR
e107e107Match0.613
OR
e107e107Match0.614
OR
e107e107Match0.615
OR
e107e107Match0.615a
OR
e107e107Match0.616
OR
e107e107Match0.617
OR
e107e107Match0.6171
OR
e107e107Match0.6172
OR
e107e107Match0.6173
OR
e107e107Match0.6174
OR
e107e107Match0.6175
ParameterPositionPathDescriptionCWE
bbcoderequest bodycontact.phpRemote PHP code execution via bbcode tag in contact.php (toEmail/toHTML path).CWE-264
php_bbcode_tagrequest bodycontact.phpRemote PHP code execution via bbcode tag in contact.php (toEmail/toHTML path).CWE-264

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
29 Apr 2026 01:13Current
7.6High risk
Vulners AI Score7.6
CVSS 27.5
EPSS0.00838
CWE-264
cve-2010-2099e107security vulnerabilityaccess controlremote code executionphpnvd
72