134 matches found
CVE-2018-8732
Cross-site scripting XSS vulnerability in WampServer 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the virtualdel parameter...
CVE-2018-8732
Cross-site scripting XSS vulnerability in WampServer 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the virtualdel parameter...
CVE-2018-8732
Cross-site scripting XSS vulnerability in WampServer 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the virtualdel parameter...
CVE-2018-8732
CVE-2018-8732 describes a cross-site scripting (XSS) vulnerability in WampServer 3.1.1 that can be triggered via the virtual_del parameter, allowing remote injection of script/HTML. Multiple connected sources (Exploit-DB, exploit packs, and CVE records) confirm the vulnerability and a CSRF-exploi...
wampserver.com XSS vulnerability
Vulnerable URL: http://wampserver.com/?s=%22%3E%3Csvg/onload=confirm/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 07.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 26342 VIP website status:| Yes Coordinated...
Wampserver Insecure File Elevation of Privilege Vulnerability
WampServer is Windows Apache Mysql PHP integrated installation environment, i.e. server software for apache, php and mysql under window. An insecure file elevation of privilege vulnerability exists in Wampserver version 3.0.6, which originates from the program's 'wampapache' and 'wampmysqld'...
WampServer Arbitrary Code Execution Vulnerability
WampServer is an integrated installation of Apache, Mysql and PHP for the Windows platform. A security vulnerability exists in the wampmanager.exe and unins000.exe files in WampServer version 3.0.6. A local attacker can replace the source file with the wampmanager.exe executable or the unins000.e...
CVE-2016-10072
WampServer 3.0.6 has two files called 'wampmanager.exe' and 'unins000.exe' with a weak ACL for Modify. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit this vulnerability, the local...
Code injection
WampServer 3.0.6 installs two services called 'wampapache' and 'wampmysqld' with weak file permissions, running with SYSTEM privileges. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit th...
Code injection
WampServer 3.0.6 has two files called 'wampmanager.exe' and 'unins000.exe' with a weak ACL for Modify. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit this vulnerability, the local...
CVE-2016-10031
WampServer 3.0.6 installs two services called 'wampapache' and 'wampmysqld' with weak file permissions, running with SYSTEM privileges. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit th...
CVE-2016-10072
WampServer 3.0.6 has two files called 'wampmanager.exe' and 'unins000.exe' with a weak ACL for Modify. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit this vulnerability, the local...
CVE-2016-10031
WampServer 3.0.6 installs two services called 'wampapache' and 'wampmysqld' with weak file permissions, running with SYSTEM privileges. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit th...
CVE-2016-10072
WampServer 3.0.6 has two files called 'wampmanager.exe' and 'unins000.exe' with a weak ACL for Modify. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit this vulnerability, the local...
CVE-2016-10031
Summary (CVE-2016-10031) WampServer 3.0.6 is affected by weak file permissions in two services, wampapache and wampmysqld , which run with SYSTEM privileges. An authorized local user could replace the original executables (mysqld.exe or httpd.exe); on the next service start, the malicious file wo...
CVE-2016-10072
WampServer 3.0.6 has two files called 'wampmanager.exe' and 'unins000.exe' with a weak ACL for Modify. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit this vulnerability, the local...
CVE-2016-10031
WampServer 3.0.6 installs two services called 'wampapache' and 'wampmysqld' with weak file permissions, running with SYSTEM privileges. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit th...
CVE-2016-10072
WampServer 3.0.6 is affected by an arbitrary code execution vulnerability due to a weak Modify ACL on two files, wampmanager.exe and unins000.exe. A local, authorized but non-privileged user can replace these executable files, and when a more privileged user launches either program, malicious cod...
PT-2016-4568 · Wampserver Team · Wampserver
Name of the Vulnerable Software and Affected Versions: WampServer version 3.0.6 Description: The issue concerns two files, wampmanager.exe and unins000.exe, which have a weak ACL for Modify. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with...
PT-2016-4559 · Wampserver · Wampserver
Name of the Vulnerable Software and Affected Versions: WampServer version 3.0.6 Description: The issue arises from weak file permissions in two services, 'wampapache' and 'wampmysqld', which run with SYSTEM privileges. This could allow a local, non-privileged user to execute arbitrary code with...