CVE-2011-4545

CRLF injection vulnerability in admin/displayImage.php in Prestashop 1.4.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the name parameter.

Published: Dec 2, 2011
Updated: Apr 13, 2023
CVE: CVE-2011-4545
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:P/A:N

CWEs:

CWE-94

Affected Software
References

Software	From	Fixed in
prestashop / prestashop	1.4.4.1	1.4.4.1.x

http://www.securityfocus.com/bid/50785
https://www.dognaedis.com/vulns/DGS-SEC-7.html

Vulnerability Database

CVE-2011-4545