CRLF injection vulnerability in the setUserValue function in sipssys/code/site.inc.php in Haakon Nilsen simple, integrated publishing system (SIPS) before 20020209 has unknown impact, possibly gaining privileges or modifying critical configuration, via a CRLF sequence in a key value.
Max CVSS
10.0
EPSS Score
0.21%
Published
2002-12-31
Updated
2008-09-05
preferences.php in Simple Internet Publishing System (SIPS) before 0.3.1 allows remote attackers to gain administrative privileges via a linebreak in the "theme" field followed by the Status::admin command, which causes the Status line to be entered into the password file.
Max CVSS
10.0
EPSS Score
0.88%
Published
2002-05-29
Updated
2016-10-18
Unspecified vulnerability in Haakon Nilsen simple, integrated publishing system (SIPS) before 0.2.4 has an unknown impact and attack vectors, related to a "grave security fault."
Max CVSS
10.0
EPSS Score
0.23%
Published
2000-12-31
Updated
2009-10-14
3 vulnerabilities found