Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1468

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-1468
Last Modified 05 Sep 2008 04:26:38
Published 07 Feb 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1468

Summary

PHP remote file inclusion vulnerability in checklogin.php in phpSecurePages 0.24 and earlier allows remote attackers to execute arbitrary PHP code by modifying the cfgProgDir parameter to reference a URL on a remote web server that contains the code.

Vulnerable Systems

Application

  • Secure Reality Phpsecurepages 0.11 Beta

  • Secure Reality Phpsecurepages 0.12 Beta

  • Secure Reality Phpsecurepages 0.13 Beta

  • Secure Reality Phpsecurepages 0.14 Beta

  • Secure Reality Phpsecurepages 0.15 Beta

  • Secure Reality Phpsecurepages 0.16 Beta

  • Secure Reality Phpsecurepages 0.17 Beta

  • Secure Reality Phpsecurepages 0.18 Beta

  • Secure Reality Phpsecurepages 0.19 Beta

  • Secure Reality Phpsecurepages 0.20 Beta

  • Secure Reality Phpsecurepages 0.21 Beta

  • Secure Reality Phpsecurepages 0.22 Beta

  • Secure Reality Phpsecurepages 0.23 Beta

  • Secure Reality Phpsecurepages 0.24 Beta


References

CERT-VN - VU#391347

XF - phpsecurepages-checklogin-execute-code(6774)

BID - 2970

SECTRACK - 1001408


Last Updated: 27 May 2016 10:36:40