CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2008-6499

security/xamppsecurity.php in XAMPP 1.6.8 performs an extract operation on the SERVER superglobal array, which allows remote attackers to spoof critical variables, as demonstrated by setting the REMOTE_ADDR variable to 127.0.0.1.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 76.1%

CVSS Severity

CVSS v2 Score 5.5

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/47202
https://www.exploit-db.com/exploits/7384
https://exchange.xforce.ibmcloud.com/vulnerabilities/47202
https://www.exploit-db.com/exploits/7384

Products affected by CVE-2008-6499

Apachefriends » Xampp » Version: 1.6.8

cpe:2.3:a:apachefriends:xampp:1.6.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2008-6499

Products

Pricing

Contact Us