XAMPP Multiple Vulnerabilities June 2009 Network Vulnerability

Summary

XAMPP is prone to multiple vulnerabilities. 1. showcode.php Local File Include Vulnerability An attacker can exploit this vulnerability to view files and execute local scripts in the context of the webserver process. This may aid in further attacks. 2. Multiple Cross Site Scripting Vulnerabilities An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and to launch other attacks. 3. Multiple SQL Injection Vulnerabilities Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. These issues affect XAMPP 1.6.8 and prior other versions may be affected as well.

References

http://websecurity.com.ua/3220/
http://websecurity.com.ua/3230/
http://websecurity.com.ua/3257/
http://www.apachefriends.org/en/xampp.html
http://www.securityfocus.com/bid/37997
http://www.securityfocus.com/bid/37998
http://www.securityfocus.com/bid/37999

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Alcatel-Lucent OmniPCX Enterprise Remote Command Execution Vulnerability
ApPHP MicroBlog Remote Code Execution Vulnerability
Apache Struts2 Showcase Skill Name Remote Code Execution Vulnerability
AdMentor Login Flaw
AudiStat multiple vulnerabilities

Take action and discover your vulnerabilities