Vulnerability Details CVE-2005-2251
PHP remote file inclusion vulnerability in secure.php in PHPSecurePages (phpSP) 0.28beta and earlier allows remote attackers to execute arbitrary code via the cfgProgDir parameter, a variant of CVE-2001-1468.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.043
EPSS Ranking 88.4%
CVSS Severity
CVSS v2 Score 7.5
References
- http://secunia.com/advisories/15994
- http://securitytracker.com/id?1014410
- http://www.securityfocus.com/bid/14201
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29263
- https://www.exploit-db.com/exploits/2452
- http://secunia.com/advisories/15994
- http://securitytracker.com/id?1014410
- http://www.securityfocus.com/bid/14201
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29263
- https://www.exploit-db.com/exploits/2452
Products affected by CVE-2005-2251
-
cpe:2.3:a:secure_reality:phpsecurepages:0.11_beta
-
cpe:2.3:a:secure_reality:phpsecurepages:0.12_beta
-
cpe:2.3:a:secure_reality:phpsecurepages:0.13_beta
-
cpe:2.3:a:secure_reality:phpsecurepages:0.14_beta
-
cpe:2.3:a:secure_reality:phpsecurepages:0.15_beta
-
cpe:2.3:a:secure_reality:phpsecurepages:0.16_beta
-
cpe:2.3:a:secure_reality:phpsecurepages:0.17_beta
-
cpe:2.3:a:secure_reality:phpsecurepages:0.18_beta
-
cpe:2.3:a:secure_reality:phpsecurepages:0.19_beta
-
cpe:2.3:a:secure_reality:phpsecurepages:0.20_beta
-
cpe:2.3:a:secure_reality:phpsecurepages:0.21_beta
-
cpe:2.3:a:secure_reality:phpsecurepages:0.22_beta
-
cpe:2.3:a:secure_reality:phpsecurepages:0.23_beta
-
cpe:2.3:a:secure_reality:phpsecurepages:0.24_beta
-
cpe:2.3:a:secure_reality:phpsecurepages:0.25_beta
-
cpe:2.3:a:secure_reality:phpsecurepages:0.26_beta
-
cpe:2.3:a:secure_reality:phpsecurepages:0.27_beta
-
cpe:2.3:a:secure_reality:phpsecurepages:0.28_beta