Vulnerabilities > Wampserver
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-30 | CVE-2022-36565 | Unspecified vulnerability in Wampserver Incorrect access control in the install directory (C:\Wamp64) of Wamp v3.2.6 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory. | 8.8 |
| 2019-06-10 | CVE-2019-11517 | Cross-Site Request Forgery (CSRF) vulnerability in Wampserver WampServer before 3.1.9 has CSRF in add_vhost.php because the synchronizer pattern implemented as remediation of CVE-2018-8817 was incomplete. | 6.5 |
| 2018-12-20 | CVE-2018-1000848 | Cross-site Scripting vulnerability in Wampserver Wampserver version prior to version 3.1.5 contains a Cross Site Scripting (XSS) vulnerability in index.php localhost page that can result in very low. | 6.1 |
| 2018-03-25 | CVE-2018-8817 | Cross-Site Request Forgery (CSRF) vulnerability in Wampserver Wampserver before 3.1.3 has CSRF in add_vhost.php. | 8.8 |
| 2018-03-19 | CVE-2018-8732 | Cross-site Scripting vulnerability in Wampserver 3.1.1 Cross-site scripting (XSS) vulnerability in WampServer 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the virtual_del parameter. | 5.4 |
| 2016-12-27 | CVE-2016-10072 | Permissions, Privileges, and Access Controls vulnerability in Wampserver 3.0.6 WampServer 3.0.6 has two files called 'wampmanager.exe' and 'unins000.exe' with a weak ACL for Modify. | 7.5 |
| 2016-12-27 | CVE-2016-10031 | Permissions, Privileges, and Access Controls vulnerability in Wampserver 3.0.6 WampServer 3.0.6 installs two services called 'wampapache' and 'wampmysqld' with weak file permissions, running with SYSTEM privileges. | 7.5 |