Back
CVE-2001-1468
PHP remote file inclusion vulnerability in checklogin.php in phpSecurePages 0.24 and earlier allows remote attackers to execute arbitrary PHP code by modifying the cfgProgDir parameter to reference a URL on a remote web server that contains the code.
Published: Feb 7, 2001
Modified: Apr 16, 2026
CVSS Metrics
Affected Products (14)
| Vendor | Product | Version |
|---|---|---|
| secure_reality | phpsecurepages | 0.11_beta |
| secure_reality | phpsecurepages | 0.12_beta |
| secure_reality | phpsecurepages | 0.13_beta |
| secure_reality | phpsecurepages | 0.14_beta |
| secure_reality | phpsecurepages | 0.15_beta |
| secure_reality | phpsecurepages | 0.16_beta |
| secure_reality | phpsecurepages | 0.17_beta |
| secure_reality | phpsecurepages | 0.18_beta |
| secure_reality | phpsecurepages | 0.19_beta |
| secure_reality | phpsecurepages | 0.20_beta |
| secure_reality | phpsecurepages | 0.21_beta |
| secure_reality | phpsecurepages | 0.22_beta |
| secure_reality | phpsecurepages | 0.23_beta |
| secure_reality | phpsecurepages | 0.24_beta |
GitHub Security Advisory GHSA-mcvp-w43m-5f4h
PHP remote file inclusion vulnerability in checklogin.php in phpSecurePages 0.24 and earlier...
References (8)
- http://securitytracker.com/id?1001408
- http://www.kb.cert.org/vuls/id/391347 US Government Resource
- http://www.securityfocus.com/bid/2970
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6774
- http://securitytracker.com/id?1001408
- http://www.kb.cert.org/vuls/id/391347 US Government Resource
- http://www.securityfocus.com/bid/2970
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6774
Risk Scores
CVSS Score
7.5 / 10
EPSS Score
1.71%
Top 17% most likely to be exploited
Threat Score
30.5 / 100
Data Sources
NVD
EPSS
GitHub