CVE-2002-2218 Information

Description

CRLF injection vulnerability in the setUserValue function in sipssys/code/site.inc.php in Haakon Nilsen simple integrated publishing system (SIPS) before 20020209 has unknown impact possibly gaining privileges or modifying critical configuration via a CRLF sequence in a key value.

Reference

http://sips.cvs.sourceforge.net/sips/sips/sipssys/code/site.inc.php?r1=1.13&r2=1.14 http://sips.cvs.sourceforge.net/sips/sips/sipssys/code/site.inc.php?view=log