Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wampserver vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2019-11517
WampServer prior to 3.1.9 has CSRF in add_vhost.php because the synchronizer pattern implemented as remediation of CVE-2018-8817 was incomplete. An attacker could add/delete any vhosts without the consent of the owner.
Wampserver Wampserver
NA
CVE-2022-36565
Incorrect access control in the install directory (C:\Wamp64) of Wamp v3.2.6 and below allows authenticated malicious users to execute arbitrary code via overwriting binaries located in the directory.
Wampserver Wampserver
4.3
CVSSv2
CVE-2018-1000848
Wampserver version prior to version 3.1.5 contains a Cross Site Scripting (XSS) vulnerability in index.php localhost page that can result in very low. This attack appear to be exploitable via payload onmouseover. This vulnerability appears to have been fixed in 3.1.5 and later.
Wampserver Wampserver
6.8
CVSSv2
CVE-2018-8817
Wampserver prior to 3.1.3 has CSRF in add_vhost.php.
Wampserver Wampserver
1 EDB exploit
6.9
CVSSv2
CVE-2016-10031
WampServer 3.0.6 installs two services called 'wampapache' and 'wampmysqld' with weak file permissions, running with SYSTEM privileges. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges ...
Wampserver Wampserver 3.0.6
1 EDB exploit
6.9
CVSSv2
CVE-2016-10072
WampServer 3.0.6 has two files called 'wampmanager.exe' and 'unins000.exe' with a weak ACL for Modify. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploi...
Wampserver Wampserver 3.0.6
4.3
CVSSv2
CVE-2010-0700
Cross-site scripting (XSS) vulnerability in index.php in WampServer 2.0i allows remote malicious users to inject arbitrary web script or HTML via the lang parameter.
Wampserver Wampserver 2.0i
1 EDB exploit
3.5
CVSSv2
CVE-2018-8732
Cross-site scripting (XSS) vulnerability in WampServer 3.1.1 allows remote malicious users to inject arbitrary web script or HTML via the virtual_del parameter.
Wampserver Wampserver 3.1.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started