Lucene search
K

134 matches found

NVD
NVD
added 2018/03/19 8:29 p.m.16 views

CVE-2018-8732

Cross-site scripting XSS vulnerability in WampServer 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the virtualdel parameter...

5.4CVSS5.4AI score0.01748EPSS
Exploits5References2
OSV
OSV
added 2018/03/19 8:29 p.m.2 views

CVE-2018-8732

Cross-site scripting XSS vulnerability in WampServer 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the virtualdel parameter...

5.4CVSS5.9AI score0.01748EPSS
Exploits5References2
Cvelist
Cvelist
added 2018/03/19 8:0 p.m.19 views

CVE-2018-8732

Cross-site scripting XSS vulnerability in WampServer 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the virtualdel parameter...

5.3AI score0.01748EPSS
Exploits5References2
CVE
CVE
added 2018/03/19 8:0 p.m.64 views

CVE-2018-8732

CVE-2018-8732 describes a cross-site scripting (XSS) vulnerability in WampServer 3.1.1 that can be triggered via the virtual_del parameter, allowing remote injection of script/HTML. Multiple connected sources (Exploit-DB, exploit packs, and CVE records) confirm the vulnerability and a CSRF-exploi...

5.4CVSS5.3AI score0.01748EPSS
Exploits5References2Affected Software1
Openbugbounty
Openbugbounty
added 2017/10/09 2:37 p.m.12 views

wampserver.com XSS vulnerability

Vulnerable URL: http://wampserver.com/?s=%22%3E%3Csvg/onload=confirm/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 07.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 26342 VIP website status:| Yes Coordinated...

6.3AI score
Exploits0
CNVD
CNVD
added 2016/12/29 12:0 a.m.2 views

Wampserver Insecure File Elevation of Privilege Vulnerability

WampServer is Windows Apache Mysql PHP integrated installation environment, i.e. server software for apache, php and mysql under window. An insecure file elevation of privilege vulnerability exists in Wampserver version 3.0.6, which originates from the program's 'wampapache' and 'wampmysqld'...

7.5CVSS7.5AI score0.0115EPSS
Exploits0References1
CNVD
CNVD
added 2016/12/29 12:0 a.m.4 views

WampServer Arbitrary Code Execution Vulnerability

WampServer is an integrated installation of Apache, Mysql and PHP for the Windows platform. A security vulnerability exists in the wampmanager.exe and unins000.exe files in WampServer version 3.0.6. A local attacker can replace the source file with the wampmanager.exe executable or the unins000.e...

7.5CVSS7.6AI score0.00546EPSS
Exploits1References1
NVD
NVD
added 2016/12/27 7:59 a.m.16 views

CVE-2016-10072

WampServer 3.0.6 has two files called 'wampmanager.exe' and 'unins000.exe' with a weak ACL for Modify. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit this vulnerability, the local...

7.5CVSS7.7AI score0.00546EPSS
Exploits1References2
Prion
Prion
added 2016/12/27 7:59 a.m.14 views

Code injection

WampServer 3.0.6 installs two services called 'wampapache' and 'wampmysqld' with weak file permissions, running with SYSTEM privileges. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit th...

6.9CVSS7.8AI score0.0115EPSS
Exploits0References4Affected Software1
Prion
Prion
added 2016/12/27 7:59 a.m.13 views

Code injection

WampServer 3.0.6 has two files called 'wampmanager.exe' and 'unins000.exe' with a weak ACL for Modify. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit this vulnerability, the local...

6.9CVSS7.8AI score0.00546EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2016/12/27 7:59 a.m.18 views

CVE-2016-10031

WampServer 3.0.6 installs two services called 'wampapache' and 'wampmysqld' with weak file permissions, running with SYSTEM privileges. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit th...

7.5CVSS7.7AI score0.0115EPSS
Exploits0References4
OSV
OSV
added 2016/12/27 7:59 a.m.4 views

CVE-2016-10072

WampServer 3.0.6 has two files called 'wampmanager.exe' and 'unins000.exe' with a weak ACL for Modify. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit this vulnerability, the local...

7.5CVSS6.1AI score0.00546EPSS
Exploits1References2
OSV
OSV
added 2016/12/27 7:59 a.m.4 views

CVE-2016-10031

WampServer 3.0.6 installs two services called 'wampapache' and 'wampmysqld' with weak file permissions, running with SYSTEM privileges. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit th...

7.5CVSS6.1AI score0.0115EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2016/12/27 7:25 a.m.15 views

CVE-2016-10072

WampServer 3.0.6 has two files called 'wampmanager.exe' and 'unins000.exe' with a weak ACL for Modify. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit this vulnerability, the local...

7.5AI score0.00546EPSS
Exploits1References2
CVE
CVE
added 2016/12/27 7:25 a.m.75 views

CVE-2016-10031

Summary (CVE-2016-10031) WampServer 3.0.6 is affected by weak file permissions in two services, wampapache and wampmysqld , which run with SYSTEM privileges. An authorized local user could replace the original executables (mysqld.exe or httpd.exe); on the next service start, the malicious file wo...

7.5CVSS7.6AI score0.0115EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2016/12/27 7:25 a.m.26 views

CVE-2016-10072

WampServer 3.0.6 has two files called 'wampmanager.exe' and 'unins000.exe' with a weak ACL for Modify. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit this vulnerability, the local...

7.7AI score0.00546EPSS
Exploits1References2
Cvelist
Cvelist
added 2016/12/27 7:25 a.m.23 views

CVE-2016-10031

WampServer 3.0.6 installs two services called 'wampapache' and 'wampmysqld' with weak file permissions, running with SYSTEM privileges. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit th...

7.7AI score0.0115EPSS
Exploits0References4
CVE
CVE
added 2016/12/27 7:25 a.m.64 views

CVE-2016-10072

WampServer 3.0.6 is affected by an arbitrary code execution vulnerability due to a weak Modify ACL on two files, wampmanager.exe and unins000.exe. A local, authorized but non-privileged user can replace these executable files, and when a more privileged user launches either program, malicious cod...

7.5CVSS7.6AI score0.00546EPSS
Exploits1References2Affected Software1
Positive Technologies
Positive Technologies
added 2016/12/27 12:0 a.m.4 views

PT-2016-4568 · Wampserver Team · Wampserver

Name of the Vulnerable Software and Affected Versions: WampServer version 3.0.6 Description: The issue concerns two files, wampmanager.exe and unins000.exe, which have a weak ACL for Modify. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with...

7.5CVSS7.7AI score0.00546EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2016/12/27 12:0 a.m.7 views

PT-2016-4559 · Wampserver · Wampserver

Name of the Vulnerable Software and Affected Versions: WampServer version 3.0.6 Description: The issue arises from weak file permissions in two services, 'wampapache' and 'wampmysqld', which run with SYSTEM privileges. This could allow a local, non-privileged user to execute arbitrary code with...

7.5CVSS7.9AI score0.0115EPSS
Exploits0References7
Rows per page
Query Builder