Lucene search
K

45 matches found

Cvelist
Cvelist
added 2003/04/02 5:0 a.m.22 views

CVE-2002-0267

preferences.php in Simple Internet Publishing System SIPS before 0.3.1 allows remote attackers to gain administrative privileges via a linebreak in the "theme" field followed by the Status::admin command, which causes the Status line to be entered into the password file...

7AI score0.02615EPSS
Exploits0References4
securityvulns
securityvulns
added 2003/03/19 12:0 a.m.134 views

SIPS (PHP)

Product : SIPS Version : v0.2.2 WebSite : http://www.squishdot.org Problem : Viewing users account Description: ------------ You could easily look throught any user's account without any permissions. Each of them is in dir names after first letter of his login. For example foo will have url like...

7AI score
Exploits0
NVD
NVD
added 2002/12/31 5:0 a.m.18 views

CVE-2002-2218

CRLF injection vulnerability in the setUserValue function in sipssys/code/site.inc.php in Haakon Nilsen simple, integrated publishing system SIPS before 20020209 has unknown impact, possibly gaining privileges or modifying critical configuration, via a CRLF sequence in a key value...

10CVSS7AI score0.01353EPSS
Exploits0References2
securityvulns
securityvulns
added 2002/02/15 12:0 a.m.31 views

SIPS - vulnerable to anyone gaining admin access.

!/exploit/by/b0iler sips - http://sourceforge.net/projects/sips/ versions lower than 0.3.1 Taken from freshmeat: "About: SIPS is an integrated Weblog and link-indexing system written in PHP. It is aimed at those with access to databaseless, PHP-enabled Web servers who want to run a Weblog site li...

7.2AI score
Exploits0
NVD
NVD
added 2000/12/31 5:0 a.m.15 views

CVE-2000-1241

Unspecified vulnerability in Haakon Nilsen simple, integrated publishing system SIPS before 0.2.4 has an unknown impact and attack vectors, related to a "grave security fault."...

10CVSS6.6AI score0.01399EPSS
Exploits0References1
Rows per page
Query Builder