Vulnerabilities > Apachefriends > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-09-12 CVE-2022-47637 Improper Preservation of Permissions vulnerability in Apachefriends Xampp
The installer in XAMPP through 8.1.12 allows local users to write to the C:\xampp directory.
local
low complexity
apachefriends CWE-281
6.7
6.7
2019-07-09 CVE-2019-8920 Cross-site Scripting vulnerability in Apachefriends Xampp 1.7.0
iart.php in XAMPP 1.7.0 has XSS, a related issue to CVE-2008-3569.
network
low complexity
apachefriends CWE-79
6.1
6.1
2019-05-17 CVE-2019-8924 Cross-site Scripting vulnerability in Apachefriends Xampp 1.5.2/1.7.0/5.6.8
XAMPP through 5.6.8 allows XSS via the cds-fpdf.php interpret or titel parameter.
network
low complexity
apachefriends CWE-79
6.1
6.1