Vulnerabilities > Wampserver > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-06-10 CVE-2019-11517 Cross-Site Request Forgery (CSRF) vulnerability in Wampserver
WampServer before 3.1.9 has CSRF in add_vhost.php because the synchronizer pattern implemented as remediation of CVE-2018-8817 was incomplete.
network
low complexity
wampserver CWE-352
6.5
6.5
2018-12-20 CVE-2018-1000848 Cross-site Scripting vulnerability in Wampserver
Wampserver version prior to version 3.1.5 contains a Cross Site Scripting (XSS) vulnerability in index.php localhost page that can result in very low.
network
low complexity
wampserver CWE-79
6.1
6.1
2018-03-19 CVE-2018-8732 Cross-site Scripting vulnerability in Wampserver 3.1.1
Cross-site scripting (XSS) vulnerability in WampServer 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the virtual_del parameter.
network
low complexity
wampserver CWE-79
5.4
5.4