2 matches found
CVE-2010-2099
bbcode/php.bb in e107 0.7.20 and earlier does not perform access control checks for all inputs that could contain the php bbcode tag, which allows remote attackers to execute arbitrary PHP code, as demonstrated using the toEmail method in contact.php, related to invocations of the toHTML method...
CVE-2010-2099
CVE-2010-2099 affects e107 SOAP? No. What it affects: bbcode/php.bb in e107 0.7.20 and earlier. Root cause: input handling failure in php bbcode tag without proper access control, enabling remote attackers to execute arbitrary PHP code. Demonstrated via toEmail method in contact.php and related t...