Wampserver : Security Vulnerabilities, CVEs, (CSRF)
WampServer before 3.1.9 has CSRF in add_vhost.php because the synchronizer pattern implemented as remediation of CVE-2018-8817 was incomplete. An attacker could add/delete any vhosts without the consent of the owner.
Max CVSS
6.5
EPSS Score
0.06%
Published
2019-06-10
Updated
2019-06-11
Wampserver before 3.1.3 has CSRF in add_vhost.php.
Max CVSS
8.8
EPSS Score
0.21%
Published
2018-03-25
Updated
2019-06-10
2 vulnerabilities found