Description

CRLF injection vulnerability in admin/displayImage.php in Prestashop 1.4.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the name parameter.

Remediation

References

CVE-2011-4545

Related Vulnerabilities

Squid Improper Privilege Management Vulnerability (CVE-2019-12522)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-5336)

WordPress Plugin AdWizz 'link' Parameter Cross-Site Scripting (1.0)

WordPress Plugin 123ContactForm for WordPress Multiple Vulnerabilities (1.5.6)

Plone CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2012-5493)

Severity

Medium

Classification

CVE-2011-4545 CWE-94

Tags

Missing Update Known Vulnerabilities