PHP remote file inclusion vulnerability in checklogin.php in phpSecurePages 0.24 and earlier allows remote attackers to execute arbitrary PHP code by modifying the cfgProgDir parameter to reference a URL on a remote web server that contains the code.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Phpsecurepages | Secure_reality | 0.11_beta | 0.11_beta |
Phpsecurepages | Secure_reality | 0.12_beta | 0.12_beta |
Phpsecurepages | Secure_reality | 0.13_beta | 0.13_beta |
Phpsecurepages | Secure_reality | 0.14_beta | 0.14_beta |
Phpsecurepages | Secure_reality | 0.15_beta | 0.15_beta |
Phpsecurepages | Secure_reality | 0.16_beta | 0.16_beta |
Phpsecurepages | Secure_reality | 0.17_beta | 0.17_beta |
Phpsecurepages | Secure_reality | 0.18_beta | 0.18_beta |
Phpsecurepages | Secure_reality | 0.19_beta | 0.19_beta |
Phpsecurepages | Secure_reality | 0.20_beta | 0.20_beta |
Phpsecurepages | Secure_reality | 0.21_beta | 0.21_beta |
Phpsecurepages | Secure_reality | 0.22_beta | 0.22_beta |
Phpsecurepages | Secure_reality | 0.23_beta | 0.23_beta |
Phpsecurepages | Secure_reality | 0.24_beta | 0.24_beta |