CVE-2009-1149

CVE-2009-1149 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

CRLF injection vulnerability in bs_disp_as_mime_type.php in the BLOB streaming feature in phpMyAdmin before 3.1.3.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the (1) c_type and possibly (2) file_type parameters.

Learn more about our Web Application Penetration Testing UK.