Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ampache vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2017-18375
Ampache 3.8.3 allows PHP Object Instantiation via democratic.ajax.php and democratic.class.php.
Ampache Ampache 3.8.3
5.4
CVSSv3
CVE-2021-32644
Ampache is an open source web based audio/video streaming application and file manager. Due to a lack of input filtering versions 4.x.y are vulnerable to code injection in random.php. The attack requires user authentication to access the random.php page unless the site is running...
Ampache Ampache 4.4.2
1 Github repository
NA
CVE-2008-3929
gather-messages.sh in Ampache 3.4.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/filelist temporary file.
Ampache Ampache 3.4.1
NA
CVE-2024-28852
Ampache is a web based audio/video streaming application and file manager. Ampache has multiple reflective XSS vulnerabilities,this means that all forms in the Ampache that use `rule` as a variable are not secure. For example, when querying a song, when querying a podcast, we nee...
NA
CVE-2024-28853
Ampache is a web based audio/video streaming application and file manager. Stored Cross Site Scripting (XSS) vulnerability in ampache before v6.3.1 allows a remote malicious user to execute code via a crafted payload to serval parameters in the post request of /preferences.php?ac...
NA
CVE-2005-3330
The _httpsrequest function in Snoopy 1.2, as used in products such as (1) MagpieRSS, (2) WordPress, (3) Ampache, and (4) Jinzora, allows remote malicious users to execute arbitrary commands via shell metacharacters in an HTTPS URL to an SSL protected web page, which is not proper...
Snoopy Snoopy 1.2
1 EDB exploit
NA
CVE-2005-1921
Eval injection vulnerability in PEAR XML_RPC 1.3.0 and previous versions (aka XML-RPC or xmlrpc) and PHPXMLRPC (aka XML-RPC For PHP or php-xmlrpc) 1.1 and previous versions, as used in products such as (1) WordPress, (2) Serendipity, (3) Drupal, (4) egroupware, (5) MailWatch, (6)...
Php Xml Rpc
Gggeek Phpxmlrpc
Drupal Drupal
Tiki Tikiwiki Cms\\/groupware
Debian Debian Linux 3.1
5 EDB exploits
NA
CVE-2008-4796
The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and previous versions, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote malicious users to execute arbitrary commands vi...
Snoopy Project Snoopy
Debian Debian Linux 4.0
Debian Debian Linux 5.0
Nagios Nagios
Wordpress Wordpress
NA
CVE-2014-1878
Stack-based buffer overflow in the cmd_submitf function in cgi/cmd.c in Nagios Core, possibly 4.0.3rc1 and previous versions, and Icinga prior to 1.8.6, 1.9 prior to 1.9.5, and 1.10 prior to 1.10.3 allows remote malicious users to cause a denial of service (segmentation fault) vi...
Nagios Nagios
Icinga Icinga 1.10.0
Icinga Icinga 1.8.0
Icinga Icinga 1.8.1
Nagios Nagios 4.0.0
Icinga Icinga 1.9.2
Icinga Icinga 1.9.3
Icinga Icinga 1.9.4
Icinga Icinga 1.9.0
Icinga Icinga 1.9.1
Icinga Icinga 1.8.4
Icinga Icinga
Icinga Icinga 1.10.1
Icinga Icinga 1.10.2
Icinga Icinga 1.8.2
Icinga Icinga 1.8.3
Nagios Nagios 4.0.2
NA
CVE-2013-7205
Off-by-one error in the process_cgivars function in contrib/daemonchk.c in Nagios Core 3.5.1, 4.0.2, and previous versions allows remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a long string in the last key ...
Nagios Nagios 3.0
Nagios Nagios 3.0.3
Nagios Nagios 3.0.4
Nagios Nagios 3.2.2
Nagios Nagios 3.2.3
Nagios Nagios 3.0.5
Nagios Nagios 3.0.6
Nagios Nagios 3.3.1
Nagios Nagios 3.4.0
Nagios Nagios
Nagios Nagios 3.0.1
Nagios Nagios 3.0.2
Nagios Nagios 3.2.0
Nagios Nagios 3.2.1
Nagios Nagios 3.4.3
Nagios Nagios 3.5.1
Nagios Nagios 3.1.0
Nagios Nagios 3.1.1
Nagios Nagios 3.1.2
Nagios Nagios 3.4.1
Nagios Nagios 3.4.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977
IMAP
local users
CVE-2024-32038
CVE-2023-49963
CVE-2023-22869
CVE-2024-31497
local
CVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »