Known Vulnerabilities for products from Apachefriends
Listed below are 12 of the newest known vulnerabilities associated with the vendor "Apachefriends".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-47637 json | The installer in XAMPP through 8.1.12 allows local users to write to the C:\xampp directory. Common use cases execute files u... | 6.7 - MEDIUM | 2023-09-12 | 2023-09-15 |
| CVE-2022-29376 json | Xampp for Windows v8.1.4 and below was discovered to contain insecure permissions for its install directory, allowing attacke... | 8.8 - HIGH | 2022-05-23 | 2022-06-07 |
| CVE-2020-11107 json | An issue was discovered in XAMPP before 7.2.29, 7.3.x before 7.3.16 , and 7.4.x before 7.4.4 on Windows. An unprivileged user... | 8.8 - HIGH | 2020-04-02 | 2021-10-18 |
| CVE-2019-8924 json | XAMPP through 5.6.8 allows XSS via the cds-fpdf.php interpret or titel parameter. NOTE: This product is discontinued. | 6.1 - MEDIUM | 2019-05-17 | 2019-05-17 |
| CVE-2019-8923 json | XAMPP through 5.6.8 and previous allows SQL injection via the cds-fpdf.php jahr parameter. NOTE: This product is discontinued... | 9.8 - CRITICAL | 2019-05-14 | 2019-05-16 |
| CVE-2019-8920 json | iart.php in XAMPP 1.7.0 has XSS, a related issue to CVE-2008-3569. | 6.1 - MEDIUM | 2019-07-09 | 2019-07-11 |
| CVE-2017-20018 json | A vulnerability was found in XAMPP 7.1.1-0-VC14. It has been classified as problematic. Affected is an unknown function of th... | 7.8 - HIGH | 2022-06-09 | 2022-06-17 |
| CVE-2013-2586 json | XAMPP 1.8.1 does not properly restrict access to xampp/lang.php, which allows remote attackers to modify xampp/lang.tmp and e... | 4.3 - MEDIUM | 2014-09-29 | 2017-08-29 |
| CVE-2009-0919 json | XAMPP installs multiple packages with insecure default passwords, which makes it easier for remote attackers to obtain access... | Not Provided | 2009-03-16 | 2026-04-23 |
| CVE-2008-6499 json | security/xamppsecurity.php in XAMPP 1.6.8 performs an extract operation on the SERVER superglobal array, which allows remote ... | Not Provided | 2009-03-20 | 2026-04-23 |
| CVE-2008-6498 json | Cross-site request forgery (CSRF) vulnerability in security/xamppsecurity.php in XAMPP 1.6.8 allows remote attackers to hijac... | Not Provided | 2009-03-20 | 2026-04-23 |
| CVE-2006-4994 json | Multiple unquoted Windows search path vulnerabilities in Apache Friends XAMPP 1.5.2 might allow local users to gain privilege... | 4.6 - MEDIUM | 2006-09-26 | 2023-11-07 |
Known software with vulnerabilities from Apachefriends
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Apachefriends | Xampp | - |