Description

CRLF injection vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the (1) c_type and possibly (2) file_type parameters.

Remediation

References

CVE-2009-1149

Related Vulnerabilities

Oracle JRE CVE-2018-2639 Vulnerability (CVE-2018-2639)

WordPress Plugin NextScripts:Social Networks Auto-Poster Cross-Site Scripting (4.3.23)

WordPress Plugin PAYPAL CURRENCY CONVERTER BASIC FOR WOOCOMMERCE Arbitrary File Disclosure (1.3)

Ampache Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-15153)

MySQL CVE-2017-3251 Vulnerability (CVE-2017-3251)

Severity

High

Classification

CVE-2009-1149 CWE-20

Tags

Missing Update Known Vulnerabilities