Description

CRLF injection vulnerability in admin/displayImage.php in Prestashop 1.4.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the name parameter.

Remediation

References

CVE-2011-4545

Related Vulnerabilities

XWiki Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') Vulnerability (CVE-2022-41928)

MySQL CVE-2021-2299 Vulnerability (CVE-2021-2299)

MySQL CVE-2021-2179 Vulnerability (CVE-2021-2179)

WordPress Plugin Weather Effect-Christmas Santa Snow Falling Cross-Site Request Forgery (1.3.3)

Lighttpd Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2014-2324)

Severity

Medium

Classification

CVE-2011-4545 CWE-94

Tags

Missing Update Known Vulnerabilities