Simple Text File Login Script

simple_text-file_login_script

Vendor: Mariovaldez • 2 CVEs

CVEs (2)

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

1Mariovaldez

1Simple Text File Login Script

Apr 23, 2026

Dec 30, 2008

N/A· v4

N/A· v3

7.5 HIGH· v2

PHP remote file inclusion vulnerability in slogin_lib.inc.php in Simple Text-File Login Script (SiTeFiLo) 1.0.6 allows remote attackers to execute arbitrary PHP code via a URL in the slogin_path parameter.

1Mariovaldez

1Simple Text File Login Script

Apr 23, 2026

Dec 30, 2008

N/A· v4

N/A· v3

5.0 MEDIUM· v2

Simple Text-File Login Script (SiTeFiLo) 1.0.6 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the password via a d...Show more

Simple Text-File Login Script (SiTeFiLo) 1.0.6 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the password via a direct request for slog_users.txt.Show less