CVE-2002-0267

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
29/05/2002
Last modified:
03/04/2025

Description

preferences.php in Simple Internet Publishing System (SIPS) before 0.3.1 allows remote attackers to gain administrative privileges via a linebreak in the "theme" field followed by the Status::admin command, which causes the Status line to be entered into the password file.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:sips:sips:0.2.4:*:*:*:*:*:*:*
cpe:2.3:a:sips:sips:0.3.0:*:*:*:*:*:*:*
cpe:2.3:a:sips:sips:0.3.0pl1:*:*:*:*:*:*:*
cpe:2.3:a:sips:sips:0.3.0pl2:*:*:*:*:*:*:*