CyberSec.Space Logo
Back to CVE Browser

CVE-2002-2218

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0550%
EPSS Percentile0.06th
PublishedDec 31, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

CRLF injection vulnerability in the setUserValue function in sipssys/code/site.inc.php in Haakon Nilsen simple, integrated publishing system (SIPS) before 20020209 has unknown impact, possibly gaining privileges or modifying critical configuration, via a CRLF sequence in a key value.

Affected Platforms (CPE)

πŸ“¦
Sips

Sips

All versions

References & Advisories

πŸ”— http://sips.cvs.sourceforge.net/sips/sips/sipssys/code/site.inc.php?r1=1.13&r2=1.14
πŸ”— http://sips.cvs.sourceforge.net/sips/sips/sipssys/code/site.inc.php?view=log
πŸ”— http://sips.cvs.sourceforge.net/sips/sips/sipssys/code/site.inc.php?r1=1.13&r2=1.14
πŸ”— http://sips.cvs.sourceforge.net/sips/sips/sipssys/code/site.inc.php?view=log

Related Vulnerabilities

CVE-2002-026710.0

preferences.php in Simple Internet Publishing System (SIPS) before 0.3.1 allows remote attackers to gain administrative privileges...

CVE-2002-066710.0

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 has a default null administrator password, which could allow r...

CVE-2000-124110.0

Unspecified vulnerability in Haakon Nilsen simple, integrated publishing system (SIPS) before 0.2.4 has an unknown impact and atta...

CVE-2007-074610.0

Heap-based buffer overflow in the VideoConference framework in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to exe...