Filtered by vendor Ampache
Subscribe
Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-18375 | 1 Ampache | 1 Ampache | 2019-05-30 | 6.5 MEDIUM | 8.8 HIGH |
| Ampache 3.8.3 allows PHP Object Instantiation via democratic.ajax.php and democratic.class.php. | |||||
| CVE-2008-3929 | 1 Ampache | 1 Ampache | 2017-08-08 | 7.2 HIGH | N/A |
| gather-messages.sh in Ampache 3.4.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/filelist temporary file. | |||||
| CVE-2007-4438 | 1 Ampache | 1 Ampache | 2017-07-29 | 6.8 MEDIUM | N/A |
| Session fixation vulnerability in Ampache before 3.3.3.5 allows remote attackers to hijack web sessions via unspecified vectors. | |||||
| CVE-2007-4437 | 1 Ampache | 1 Ampache | 2017-07-29 | 6.8 MEDIUM | N/A |
| SQL injection vulnerability in albums.php in Ampache before 3.3.3.5 allows remote attackers to execute arbitrary SQL commands via the match parameter. NOTE: some details are obtained from third party information. | |||||
| CVE-2006-5668 | 1 Ampache | 1 Ampache | 2017-07-20 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Ampache 3.3.2 and earlier, when register_globals is enabled, allows remote attackers to bypass security restrictions and gain guest access. | |||||