CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2002-0267

preferences.php in Simple Internet Publishing System (SIPS) before 0.3.1 allows remote attackers to gain administrative privileges via a linebreak in the "theme" field followed by the Status::admin command, which causes the Status line to be entered into the password file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.012

EPSS Ranking 78.1%

CVSS Severity

CVSS v2 Score 10.0

References

http://marc.info/?l=bugtraq&m=101363233905645&w=2
http://sips.sourceforge.net/adminvul.html
http://www.iss.net/security_center/static/8193.php
http://www.securityfocus.com/bid/4097
http://marc.info/?l=bugtraq&m=101363233905645&w=2
http://sips.sourceforge.net/adminvul.html
http://www.iss.net/security_center/static/8193.php
http://www.securityfocus.com/bid/4097

Products affected by CVE-2002-0267

Sips » Sips » Version: 0.2.4

cpe:2.3:a:sips:sips:0.2.4
Sips » Sips » Version: 0.3.0

cpe:2.3:a:sips:sips:0.3.0
Sips » Sips » Version: 0.3.0pl1

cpe:2.3:a:sips:sips:0.3.0pl1
Sips » Sips » Version: 0.3.0pl2

cpe:2.3:a:sips:sips:0.3.0pl2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2002-0267

Products

Pricing

Contact Us