Apache + MariaDB + PHP + Perl
Linux / Apple MacOS / Microsoft Windows
Development use?
Production use?
XAMPP is a free and open-source cross-platform web server solution stack package developed by Apache Friends, consisting mainly of the Apache HTTP Server, MariaDB database, and interpreters for scripts written in the PHP and Perl programming languages.
Since most actual web server deployments use the same components as XAMPP, it makes transitioning from a local test server to a live server possible.
The Apache Friends website indicates that XAMPP stands for "XAMPP Apache + MariaDB + PHP + Perl", making it a recursive acronym. XAMPP formerly used MySQL, but this was replaced with MariaDB on 19 October 2015 and beginning with XAMPP versions 5.5.30 and 5.6.14, altering the meaning of the acronym. It originally stood for Cross-Platform + Apache + MySQL + PHP + Perl.
Source: Wikipedia
XAMPP and Apache Friends have been created by Kai "Oswald" Seidler and Kay Vogelgesang in 2002.
In 2013, Apache Friends has been acquired by Bitrock, creator of Bitnami.
In 2019, Bitrock has been acquired by VMware.
In 2022, Bitrock has been acquired by Backstaff Software without Bitnami.
In 2023, VMware has been acquired by Broadcom.
Badly, since several years ago, there were little updates of XAMPP, it was already not good.
And nothing since 2023 after the sale of VMware.
Since 2002, XAMPP is used in development as well as in production on internal, external, and cloud machines. Attention: If it is not very often updated, there is no security.
On Sourceforge:
- Windows: https://sourceforge.net/projects/xampp/files/XAMPP%20Windows/stats/timeline?dates=2002-09-01+to+2025-01-01&period=monthly
- MacOS: https://sourceforge.net/projects/xampp/files/XAMPP%20Mac%20OS%20X/stats/timeline?dates=2002-09-01+to+2025-01-01&period=monthly
- Linux: https://sourceforge.net/projects/xampp/files/XAMPP%20Linux/stats/timeline?dates=2002-09-01+to+2025-01-01&period=monthly
It is only Sourceforge, there are not external download statistics.
Some CVEs have been solved in latest used software versions
XAMPP has not up-to-date latest software versions
- https://www.cvedetails.com/vulnerability-list/vendor_id-9206/Apachefriends.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-5160/Apache-Friends.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-2780/Xampp.html
- https://httpd.apache.org/security/vulnerabilities_24.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-45/product_id-66/apache-http-server.html
- https://mariadb.com/kb/en/security/
- https://www.cvedetails.com/vulnerability-list/vendor_id-12010/product_id-22503/Mariadb-Mariadb.html
- https://www.php.net/ChangeLog-8.php
- https://www.cvedetails.com/vulnerability-list/vendor_id-74/product_id-128/PHP-PHP.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-45/product_id-10711/Apache-Mod-Perl.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-1885/product_id-13879/Perl-Perl.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-28156/product_id-119508/Strawberryperl-Strawberryperl.html
- https://tomcat.apache.org/security-8.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-45/product_id-887/Apache-Tomcat.html
- https://www.phpmyadmin.net/security/
- https://www.cvedetails.com/vulnerability-list/vendor_id-784/product_id-1341/Phpmyadmin-Phpmyadmin.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-20971/product_id-61904/Filezilla-project-Filezilla-Server.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-2889/product_id-6065/Filezilla-Filezilla-Server-Terminal.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-2889/product_id-5062/Filezilla-Filezilla-Server.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-5460/product_id-9253/Pegasus-Mercury-Mail-Transport-System.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-239/product_id-6531/David-Harris-Mercury-Mail-Transport-System.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-130/product_id-10545/Pmail-Mercury-Mail-Transport-System.html
- https://openssl-library.org/news/vulnerabilities/
- https://www.cvedetails.com/vulnerability-list/vendor_id-217/product_id-383/Openssl-Openssl.html
- https://curl.se/docs/security.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-2852/product_id-4982/Curl-Curl.html
- Not listed (no vulnerability?)
- Not listed (no vulnerability?)
- https://www.cvedetails.com/vulnerability-list/vendor_id-17477/Icu-project.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-7624/Icu-Project.html
- Not listed (no vulnerability?)
- https://www.cvedetails.com/vulnerability-list/vendor_id-45/product_id-50894/Apache-Libapreq2.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-4076/Libapreq2.html
- https://github.com/libexpat/libexpat/blob/master/expat/Changes
- https://www.cvedetails.com/vulnerability-list/vendor_id-16735/Libexpat-Project.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-7294/Libpng.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-25/product_id-3774/Redhat-Libpng.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-1189/product_id-2056/Greg-Roelofs-Libpng.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-6655/Png-Reference-Library.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-1189/product_id-2094/Greg-Roelofs-Libpng3.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-1962/product_id-3311/Xmlsoft-Libxml2.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-1962/product_id-3534/Xmlsoft-Libxml.html
- Not listed (no vulnerability?)
- https://www.cvedetails.com/vulnerability-list/vendor_id-72/product_id-38464/GNU-Ncurses.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-17277/Ncurses-Project.html
- Not listed (no vulnerability?)
- https://www.cvedetails.com/vulnerability-list/vendor_id-9520/Proftpd.html
- https://www.cvedetails.com/vulnerability-list/vendor_id-204/Proftpd-Project.html
- Not listed (no vulnerability?)
- XAMPP on Wikipedia | Official website: https://www.apachefriends.org/ | Official Sourceforge Project: https://sourceforge.net/projects/xampp/
- Apache HTTP Server on Wikipedia | Official website: https://httpd.apache.org/
- MariaDB on Wikipedia | Official website: https://mariadb.org/
- PHP on Wikipedia | Official website: https://www.php.net/
- mod_perl on Wikipedia | Official website: https://perl.apache.org/
- Perl on Wikipedia | Official website: https://www.perl.org/
- StrawberryPerl on Wikipedia | Official website: https://strawberryperl.com/
- phpMyAdmin on Wikipedia | Official website: https://www.phpmyadmin.net/
- FileZilla on Wikipedia | Official website: https://filezilla-project.org/
- Mercury Mail Transport System on Wikipedia | Official website: https://www.pmail.com/
- OpenSSL on Wikipedia | Official website: https://openssl-library.org/
- Webalizer on Wikipedia
- Curl on Wikipedia | Official website: https://curl.se/
- zlib on Wikipedia | Official website: https://zlib.net/
- Expat/libexpat on Wikipedia | Official website: https://libexpat.github.io/
- libpng on Wikipedia | Official website: http://libpng.org/
- libxml on Wikipedia | Official website: http://xmlsoft.org/
- libxslt on Wikipedia | Official website: http://xmlsoft.org/
- ProFTPD on Wikipedia | Official website: http://www.proftpd.org/
- OpenLDAP on Wikipedia | Official website: https://openldap.org/
- Ming/libming on Wikipedia | Official website: https://github.com/libming/libming
- mcrypt on Wikipedia | Official website: https://mcrypt.sourceforge.net/
- ncurses on Wikipedia | Official website: https://invisible-island.net/ncurses/
- ICU4C on Wikipedia | Official website: https://icu.unicode.org/
- gettext on Wikipedia | Official website: https://www.gnu.org/software/gettext/
- UW IMAP on Wikipedia | Unofficial website: https://github.com/uw-imap/imap
- LibGD on Wikipedia | Official website: https://libgd.github.io/
- FreeType on Wikipedia | Official website: https://freetype.org/
- FreeTDS on Wikipedia | Official website: https://www.freetds.org/
- Apache Portable Runtime (APR) on Wikipedia | Official website: https://apr.apache.org/
- Apache Portable Runtime Utility Library (APR-util) official website: https://apr.apache.org/
- Apache HTTP Request Library official website: https://httpd.apache.org/apreq/
- FPDF official website: http://www.fpdf.org/
- GNU dbm official website: https://www.gnu.org.ua/software/gdbm/
- mhash official website: https://mhash.sourceforge.net/
- R&OS Pdf Class official website: https://sourceforge.net/projects/pdf-php/
- Sablotron official website: https://sourceforge.net/projects/sablotron/
- Bitnami on Wikipedia | Official website: https://bitnami.com/
- VMware on Wikipedia | Official website: https://www.vmware.com/
- Broadcom on Wikipedia | Official website: https://www.broadcom.com/
| Neustradamus | |
|---|---|
| Fediverse/Mastodon | [email protected] |
| AT Protocol/Bluesky | neustradamus.bsky.social |
| X/Twitter | Neustradamus |
| Neustradamus | |
| Hacker News | Neustradamus |