Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ampache ampache vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2017-18375
Ampache 3.8.3 allows PHP Object Instantiation via democratic.ajax.php and democratic.class.php.
Ampache Ampache 3.8.3
NA
CVE-2014-1878
Stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c in Nagios Core, possibly 4.0.3rc1 and previous versions, and Icinga prior to 1.8.6, 1.9 prior to 1.9.5, and 1.10 prior to 1.10.3 allows remote malicious users to cause a denial of service (segmentation fault) vi...
Nagios Nagios
Icinga Icinga 1.10.0
Icinga Icinga 1.8.0
Icinga Icinga 1.8.1
Nagios Nagios 4.0.0
Icinga Icinga 1.9.2
Icinga Icinga 1.9.3
Icinga Icinga 1.9.4
Icinga Icinga 1.9.0
Icinga Icinga 1.9.1
Icinga Icinga 1.8.4
Icinga Icinga
Icinga Icinga 1.10.1
Icinga Icinga 1.10.2
Icinga Icinga 1.8.2
Icinga Icinga 1.8.3
Nagios Nagios 4.0.2
NA
CVE-2013-7108
Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and previous versions, and Icinga prior to 1.8.5, 1.9 prior to 1.9.4, and 1.10 prior to 1.10.2 allow remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a l...
Nagios Nagios 3.0
Nagios Nagios 3.0.3
Nagios Nagios 3.0.4
Nagios Nagios 3.2.1
Nagios Nagios 3.2.2
Nagios Nagios 3.2.3
Nagios Nagios
Nagios Nagios 3.0.1
Nagios Nagios 3.0.2
Nagios Nagios 3.1.2
Nagios Nagios 3.2.0
Nagios Nagios 3.4.3
Nagios Nagios 3.5.1
Nagios Nagios 3.1.0
Nagios Nagios 3.1.1
Nagios Nagios 3.4.1
Nagios Nagios 3.4.2
Nagios Nagios 3.0.5
Nagios Nagios 3.0.6
Nagios Nagios 3.3.1
Nagios Nagios 3.4.0
Icinga Icinga 1.9.0
1 EDB exploit
NA
CVE-2013-7205
Off-by-one error in the process_cgivars function in contrib/daemonchk.c in Nagios Core 3.5.1, 4.0.2, and previous versions allows remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a long string in the last key ...
Nagios Nagios 3.0
Nagios Nagios 3.0.3
Nagios Nagios 3.0.4
Nagios Nagios 3.2.2
Nagios Nagios 3.2.3
Nagios Nagios 3.0.5
Nagios Nagios 3.0.6
Nagios Nagios 3.3.1
Nagios Nagios 3.4.0
Nagios Nagios
Nagios Nagios 3.0.1
Nagios Nagios 3.0.2
Nagios Nagios 3.2.0
Nagios Nagios 3.2.1
Nagios Nagios 3.4.3
Nagios Nagios 3.5.1
Nagios Nagios 3.1.0
Nagios Nagios 3.1.1
Nagios Nagios 3.1.2
Nagios Nagios 3.4.1
Nagios Nagios 3.4.2
NA
CVE-2008-4796
The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and previous versions, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote malicious users to execute arbitrary commands vi...
Snoopy Project Snoopy
Debian Debian Linux 4.0
Debian Debian Linux 5.0
Nagios Nagios
Wordpress Wordpress
NA
CVE-2008-3929
gather-messages.sh in Ampache 3.4.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/filelist temporary file.
Ampache Ampache 3.4.1
NA
CVE-2007-4437
SQL injection vulnerability in albums.php in Ampache prior to 3.3.3.5 allows remote malicious users to execute arbitrary SQL commands via the match parameter. NOTE: some details are obtained from third party information.
Ampache Ampache
NA
CVE-2007-4438
Session fixation vulnerability in Ampache prior to 3.3.3.5 allows remote malicious users to hijack web sessions via unspecified vectors.
Ampache Ampache
NA
CVE-2006-5668
Unspecified vulnerability in Ampache 3.3.2 and previous versions, when register_globals is enabled, allows remote malicious users to bypass security restrictions and gain guest access.
Ampache Ampache 3.2
Ampache Ampache 3.3.2
Ampache Ampache 3.2.1
Ampache Ampache 3.2.2
Ampache Ampache 3.2.3
Ampache Ampache 3.2.4
Ampache Ampache 3.3
Ampache Ampache 3.3.1
Ampache Ampache 3.3.1.2
NA
CVE-2005-3330
The _httpsrequest function in Snoopy 1.2, as used in products such as (1) MagpieRSS, (2) WordPress, (3) Ampache, and (4) Jinzora, allows remote malicious users to execute arbitrary commands via shell metacharacters in an HTTPS URL to an SSL protected web page, which is not proper...
Snoopy Snoopy 1.2
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »