Описание
PHP remote file inclusion vulnerability in checklogin.php in phpSecurePages 0.24 and earlier allows remote attackers to execute arbitrary PHP code by modifying the cfgProgDir parameter to reference a URL on a remote web server that contains the code.
Ссылки
- US Government Resource
- US Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:secure_reality:phpsecurepages:0.11_beta:*:*:*:*:*:*:*
cpe:2.3:a:secure_reality:phpsecurepages:0.12_beta:*:*:*:*:*:*:*
cpe:2.3:a:secure_reality:phpsecurepages:0.13_beta:*:*:*:*:*:*:*
cpe:2.3:a:secure_reality:phpsecurepages:0.14_beta:*:*:*:*:*:*:*
cpe:2.3:a:secure_reality:phpsecurepages:0.15_beta:*:*:*:*:*:*:*
cpe:2.3:a:secure_reality:phpsecurepages:0.16_beta:*:*:*:*:*:*:*
cpe:2.3:a:secure_reality:phpsecurepages:0.17_beta:*:*:*:*:*:*:*
cpe:2.3:a:secure_reality:phpsecurepages:0.18_beta:*:*:*:*:*:*:*
cpe:2.3:a:secure_reality:phpsecurepages:0.19_beta:*:*:*:*:*:*:*
cpe:2.3:a:secure_reality:phpsecurepages:0.20_beta:*:*:*:*:*:*:*
cpe:2.3:a:secure_reality:phpsecurepages:0.21_beta:*:*:*:*:*:*:*
cpe:2.3:a:secure_reality:phpsecurepages:0.22_beta:*:*:*:*:*:*:*
cpe:2.3:a:secure_reality:phpsecurepages:0.23_beta:*:*:*:*:*:*:*
cpe:2.3:a:secure_reality:phpsecurepages:0.24_beta:*:*:*:*:*:*:*
EPSS
Процентиль: 82%
0.01711
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
PHP remote file inclusion vulnerability in checklogin.php in phpSecurePages 0.24 and earlier allows remote attackers to execute arbitrary PHP code by modifying the cfgProgDir parameter to reference a URL on a remote web server that contains the code.
EPSS
Процентиль: 82%
0.01711
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other