CyberSec.Space Logo
返回 CVE 浏览器

CVE-2002-2218

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0550%
EPSS Percentile0.06th
Published2002年12月31日
Last Modified2026年4月16日

Vulnerability Description

CRLF injection vulnerability in the setUserValue function in sipssys/code/site.inc.php in Haakon Nilsen simple, integrated publishing system (SIPS) before 20020209 has unknown impact, possibly gaining privileges or modifying critical configuration, via a CRLF sequence in a key value.

Affected Platforms (CPE)

📦
Sips

Sips

All versions

References & Advisories

🔗 http://sips.cvs.sourceforge.net/sips/sips/sipssys/code/site.inc.php?r1=1.13&r2=1.14
🔗 http://sips.cvs.sourceforge.net/sips/sips/sipssys/code/site.inc.php?view=log
🔗 http://sips.cvs.sourceforge.net/sips/sips/sipssys/code/site.inc.php?r1=1.13&r2=1.14
🔗 http://sips.cvs.sourceforge.net/sips/sips/sipssys/code/site.inc.php?view=log

相关漏洞威胁

CVE-2002-026710.0

preferences.php in Simple Internet Publishing System (SIPS) before 0.3.1 allows remote attackers to gain administrative privileges...

CVE-2002-066710.0

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 has a default null administrator password, which could allow r...

CVE-2000-124110.0

Unspecified vulnerability in Haakon Nilsen simple, integrated publishing system (SIPS) before 0.2.4 has an unknown impact and atta...

CVE-2007-074610.0

Heap-based buffer overflow in the VideoConference framework in Apple Mac OS X 10.3.9 through 10.4.9 allows remote attackers to exe...