Lately, there is an old vulnerability that not yet been fixed in WampServer where it related to Cross Site Request Forgery. The previous CVE for this vulnerabilities is CVE-2018-8817(https://www.exploit-db.com/exploits/44385)
The attacker can still abuse this old flaw to get to the new vhosts that been deleted or added in the Apache configuration file
The score for this vulnerability are such as follows:
CVSS 3.0
- Impact Score: 3.6
- Exploitability Score: 2.8
- Base Score: 6.5
CVSS 2.0
- Impact Score: 4.9
- Exploitability Score: 8.6
- Base Score: 5.8
Recommendation
It was been advisable to update to the WampServer 3.1.9
Source: https://seclists.org/bugtraq/2019/Jun/10
