Lately, there is an old vulnerability that not yet been fixed in WampServer where it related to Cross Site Request Forgery. The previous CVE for this vulnerabilities is CVE-2018-8817(

The attacker can still abuse this old flaw to get to the new vhosts that been deleted or added in the Apache configuration file

The score for this vulnerability are such as follows:

CVSS 3.0

  • Impact Score: 3.6
  • Exploitability Score: 2.8
  • Base Score: 6.5

CVSS 2.0

  • Impact Score: 4.9
  • Exploitability Score: 8.6
  • Base Score: 5.8


It was been advisable to update to the WampServer 3.1.9


By Wan Ariff

He brings with him working experience in Information Security filed which specializing in Penetration Testing and Digital Forensic. His passion is more to IT Security

Leave a Reply

Your email address will not be published. Required fields are marked *