Cross-Site Request Forgery in XAMPP by Apache Friends
CVE-2008-6498

Currently unrated

Key Information:

Vendor

Apachefriends

Status
Xampp
Vendor
CVE Published:
20 March 2009

What is CVE-2008-6498?

A Cross-Site Request Forgery (CSRF) vulnerability exists in the security/xamppsecurity.php file of XAMPP version 1.6.8. This issue enables remote attackers to exploit the authentication of users by sending crafted requests that modify the .htaccess password through the xampppasswd parameter. If successful, this vulnerability could allow unauthorized changes to sensitive configurations, compromising the security of the web application. Users of XAMPP 1.6.8 should take steps to mitigate this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.exploit-db.com/exploits/7384
exploitx_refsource_EXPLOIT-DB
http://secunia.com/advisories/32134
third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/47201
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.