PHP remote file inclusion vulnerability in checklogin.php in phpSecurePages 0.24 and earlier allows remote attackers to execute arbitrary PHP code by modifying the cfgProgDir parameter to reference a URL on a remote web server that contains the code.
CVSS v2.0 Score
7.5
/ 10.0
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Information
- Published
- 7 févr. 2001
- Updated
- 16 avr. 2026
- Status
- Modified
- Source
- cve@mitre.org
Affected products
secure reality phpsecurepages
Versions : 0.11_beta, 0.12_beta, 0.13_beta, 0.14_beta, 0.15_beta
Weaknesses (CWE)
NVD-CWE-Other
References (8)
- http://www.kb.cert.org/vuls/id/391347US Government Resource
- http://www.kb.cert.org/vuls/id/391347US Government Resource
Monitor your products
Get automatic alerts for every new CVE affecting your equipment.