Wampserver: >> Wampserver >> 3.1.6 Security Vulnerabilities
Incorrect access control in the install directory (C:\Wamp64) of Wamp v3.2.6 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory.
CVSS Score
8.8
EPSS Score
0.002
Published
2022-08-30
WampServer before 3.1.9 has CSRF in add_vhost.php because the synchronizer pattern implemented as remediation of CVE-2018-8817 was incomplete. An attacker could add/delete any vhosts without the consent of the owner.
CVSS Score
6.5
EPSS Score
0.001
Published
2019-06-10