CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5055 – Vulnerability of uncontrolled resource consumption in XAMPP
https://notcve.org/view.php?id=CVE-2024-5055
17 May 2024 — Uncontrolled resource consumption vulnerability in XAMPP Windows, versions 7.3.2 and earlier. This vulnerability exists when XAMPP attempts to process many incomplete HTTP requests, resulting in resource consumption and system crashes. Vulnerabilidad de consumo descontrolado de recursos en XAMPP Windows, versiones 7.3.2 y anteriores. Esta vulnerabilidad existe cuando XAMPP intenta procesar muchas solicitudes HTTP incompletas, lo que provoca consumo de recursos y fallos del sistema. • https://www.incibe.es/en/incibe-cert/notices/aviso/vulnerability-uncontrolled-resource-consumption-xampp • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2008-4450
https://notcve.org/view.php?id=CVE-2008-4450
06 Oct 2008 — Cross-site scripting (XSS) vulnerability in adodb.php in XAMPP for Windows 1.6.8 allows remote attackers to inject arbitrary web script or HTML via the (1) dbserver, (2) host, (3) user, (4) password, (5) database, and (6) table parameters. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Una vulnerabilidad de secuencias de comándos en sitios cruzados (XSS) en adodb.php en XAMPP para Windows 1.6.8 permite a atacantes remotos inyectar secuencia... • http://secunia.com/advisories/32134 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2008-3569 – XAMPP Linux 1.6 - 'ming.php?text' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2008-3569
10 Aug 2008 — Multiple cross-site scripting (XSS) vulnerabilities in XAMPP 1.6.7, when register_globals is enabled, allow remote attackers to inject arbitrary web script or HTML via the text parameter to (1) iart.php and (2) ming.php. Múltiples vulnerabilidades de ejecución de comandos en sitios cruzados (XSS) en XAMPP 1.6.7, cuando register_globals está activado, permite a atacantes remos inyectar secuencias de comandos web o HTML de su eleccción a través de los parámetros (1) iart.php y (2) ming.php. • https://www.exploit-db.com/exploits/32165 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •