PHP remote file inclusion vulnerability in checklogin.php in phpSecurePages 0.24 and earlier allows remote attackers to execute arbitrary PHP code by modifying the cfgProgDir parameter to reference a URL on a remote web server that contains the code.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Phpsecurepages | Secure_reality | 0.11_beta (including) | 0.11_beta (including) |
| Phpsecurepages | Secure_reality | 0.12_beta (including) | 0.12_beta (including) |
| Phpsecurepages | Secure_reality | 0.13_beta (including) | 0.13_beta (including) |
| Phpsecurepages | Secure_reality | 0.14_beta (including) | 0.14_beta (including) |
| Phpsecurepages | Secure_reality | 0.15_beta (including) | 0.15_beta (including) |
| Phpsecurepages | Secure_reality | 0.16_beta (including) | 0.16_beta (including) |
| Phpsecurepages | Secure_reality | 0.17_beta (including) | 0.17_beta (including) |
| Phpsecurepages | Secure_reality | 0.18_beta (including) | 0.18_beta (including) |
| Phpsecurepages | Secure_reality | 0.19_beta (including) | 0.19_beta (including) |
| Phpsecurepages | Secure_reality | 0.20_beta (including) | 0.20_beta (including) |
| Phpsecurepages | Secure_reality | 0.21_beta (including) | 0.21_beta (including) |
| Phpsecurepages | Secure_reality | 0.22_beta (including) | 0.22_beta (including) |
| Phpsecurepages | Secure_reality | 0.23_beta (including) | 0.23_beta (including) |
| Phpsecurepages | Secure_reality | 0.24_beta (including) | 0.24_beta (including) |