Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wampserver vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2019-11517
WampServer prior to 3.1.9 has CSRF in add_vhost.php because the synchronizer pattern implemented as remediation of CVE-2018-8817 was incomplete. An attacker could add/delete any vhosts without the consent of the owner.
Wampserver Wampserver
8.8
CVSSv3
CVE-2022-36565
Incorrect access control in the install directory (C:\Wamp64) of Wamp v3.2.6 and below allows authenticated malicious users to execute arbitrary code via overwriting binaries located in the directory.
Wampserver Wampserver
8.8
CVSSv3
CVE-2018-8817
Wampserver prior to 3.1.3 has CSRF in add_vhost.php.
Wampserver Wampserver
1 EDB exploit
6.1
CVSSv3
CVE-2018-1000848
Wampserver version prior to version 3.1.5 contains a Cross Site Scripting (XSS) vulnerability in index.php localhost page that can result in very low. This attack appear to be exploitable via payload onmouseover. This vulnerability appears to have been fixed in 3.1.5 and later.
Wampserver Wampserver
7.5
CVSSv3
CVE-2016-10072
WampServer 3.0.6 has two files called 'wampmanager.exe' and 'unins000.exe' with a weak ACL for Modify. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploi...
Wampserver Wampserver 3.0.6
5.4
CVSSv3
CVE-2018-8732
Cross-site scripting (XSS) vulnerability in WampServer 3.1.1 allows remote malicious users to inject arbitrary web script or HTML via the virtual_del parameter.
Wampserver Wampserver 3.1.1
1 EDB exploit
NA
CVE-2010-0700
Cross-site scripting (XSS) vulnerability in index.php in WampServer 2.0i allows remote malicious users to inject arbitrary web script or HTML via the lang parameter.
Wampserver Wampserver 2.0i
1 EDB exploit
7.5
CVSSv3
CVE-2016-10031
WampServer 3.0.6 installs two services called 'wampapache' and 'wampmysqld' with weak file permissions, running with SYSTEM privileges. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges ...
Wampserver Wampserver 3.0.6
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started