CVE ID: CVE-2019-11517 Vulnerability Type: CSRF (Cross-Site Request Forgery) Affected Product: WampServer 3.1.4-3.1.8 Official Description: WampServer is a Windows web development environment that includes Apache2, PHP, MySQL database, and PhpMyAdmin for managing databases. Vulnerability Description: The script in the admin panel is vulnerable to CSRF. This script was previously patched for CVE-2018-8817, but the fix was not properly implemented in WampServer 3.1.3 to 3.1.8, allowing attackers to exploit it to create new virtual hosts or manipulate existing ones in the Apache configuration file. Technical Requirement: Successful exploitation requires that the admin has not opened the file in the current browser session, causing random tokens not to be initialized. Fixed WampServer Version: 3.1.9 Official Changelog: Link provided for more details.