Описание
security/xamppsecurity.php in XAMPP 1.6.8 performs an extract operation on the SERVER superglobal array, which allows remote attackers to spoof critical variables, as demonstrated by setting the REMOTE_ADDR variable to 127.0.0.1.
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:apachefriends:xampp:1.6.8:*:*:*:*:*:*:*
EPSS
Процентиль: 84%
0.02228
Низкий
5.5 Medium
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
больше 3 лет назад
security/xamppsecurity.php in XAMPP 1.6.8 performs an extract operation on the SERVER superglobal array, which allows remote attackers to spoof critical variables, as demonstrated by setting the REMOTE_ADDR variable to 127.0.0.1.
EPSS
Процентиль: 84%
0.02228
Низкий
5.5 Medium
CVSS2
Дефекты
CWE-94