MidnightBSD

Advisories for secure_reality

CVE-2001-1468 HIGH

PHP remote file inclusion vulnerability in checklogin.php in phpSecurePages 0.24 and earlier allows remote attackers to execute arbitrary PHP code by modifying the cfgProgDir parameter to reference a URL on a remote web server that contains the code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
secure_reality phpsecurepages 0.18_beta
secure_reality phpsecurepages 0.11_beta
secure_reality phpsecurepages 0.13_beta
secure_reality phpsecurepages 0.17_beta
secure_reality phpsecurepages 0.24_beta
secure_reality phpsecurepages 0.23_beta
secure_reality phpsecurepages 0.21_beta
secure_reality phpsecurepages 0.16_beta
secure_reality phpsecurepages 0.22_beta
secure_reality phpsecurepages 0.15_beta
secure_reality phpsecurepages 0.20_beta
secure_reality phpsecurepages 0.14_beta
secure_reality phpsecurepages 0.12_beta
secure_reality phpsecurepages 0.19_beta
CVE-2005-2251 HIGH

PHP remote file inclusion vulnerability in secure.php in PHPSecurePages (phpSP) 0.28beta and earlier allows remote attackers to execute arbitrary code via the cfgProgDir parameter, a variant of CVE-2001-1468.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
secure_reality phpsecurepages 0.18_beta
secure_reality phpsecurepages 0.11_beta
secure_reality phpsecurepages 0.13_beta
secure_reality phpsecurepages 0.25_beta
secure_reality phpsecurepages 0.17_beta
secure_reality phpsecurepages 0.24_beta
secure_reality phpsecurepages 0.23_beta
secure_reality phpsecurepages 0.26_beta
secure_reality phpsecurepages 0.21_beta
secure_reality phpsecurepages 0.16_beta
secure_reality phpsecurepages 0.22_beta
secure_reality phpsecurepages 0.15_beta
secure_reality phpsecurepages 0.20_beta
secure_reality phpsecurepages 0.27_beta
secure_reality phpsecurepages 0.14_beta
secure_reality phpsecurepages 0.12_beta
secure_reality phpsecurepages 0.28_beta
secure_reality phpsecurepages 0.19_beta