PHP remote file inclusion vulnerability in secure.php in PHPSecurePages (phpSP) 0.28beta and earlier allows remote attackers to execute arbitrary code via the cfgProgDir parameter, a variant of CVE-2001-1468.
2005-07-13T04:00:00.000
2025-04-03T01:03:51.193
Deferred
CVSSv2: 7.5 (HIGH)
AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
Type | Vendor | Product | Version/Range | Vulnerable? |
---|---|---|---|---|
Application | secure_reality | phpsecurepages | 0.11_beta | Yes |
Application | secure_reality | phpsecurepages | 0.12_beta | Yes |
Application | secure_reality | phpsecurepages | 0.13_beta | Yes |
Application | secure_reality | phpsecurepages | 0.14_beta | Yes |
Application | secure_reality | phpsecurepages | 0.15_beta | Yes |
Application | secure_reality | phpsecurepages | 0.16_beta | Yes |
Application | secure_reality | phpsecurepages | 0.17_beta | Yes |
Application | secure_reality | phpsecurepages | 0.18_beta | Yes |
Application | secure_reality | phpsecurepages | 0.19_beta | Yes |
Application | secure_reality | phpsecurepages | 0.20_beta | Yes |
Application | secure_reality | phpsecurepages | 0.21_beta | Yes |
Application | secure_reality | phpsecurepages | 0.22_beta | Yes |
Application | secure_reality | phpsecurepages | 0.23_beta | Yes |
Application | secure_reality | phpsecurepages | 0.24_beta | Yes |
Application | secure_reality | phpsecurepages | 0.25_beta | Yes |
Application | secure_reality | phpsecurepages | 0.26_beta | Yes |
Application | secure_reality | phpsecurepages | 0.27_beta | Yes |
Application | secure_reality | phpsecurepages | 0.28_beta | Yes |