CVE-2024-46547

HIGH

Romain Bourdon Wampserver - Info Disclosure

Title source: llm

Description

A vulnerability was found in Romain Bourdon Wampserver all versions (discovered in v3.2.3 and v3.2.6) where unauthorized users could access sensitive information due to improper access control validation via PHP Info Page. This issue can lead to data leaks.

References (1)

Core 1

Core References

Various Sources

https://gist.github.com/omkar170/232236c38b6e795fb73921e555e1a609

Scores

CVSS v3 7.5

EPSS 0.0037

EPSS Percentile 28.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-116

Status published

Published Dec 09, 2024

Tracked Since Feb 18, 2026