Vulnerabilities > Ampache

DATE CVE VULNERABILITY TITLE RISK
2023-02-01 CVE-2023-0606 Unspecified vulnerability in Ampache
Cross-site Scripting (XSS) - Reflected in GitHub repository ampache/ampache prior to 5.5.7.
network
low complexity
ampache
6.1
2022-12-23 CVE-2022-4665 Unspecified vulnerability in Ampache
Unrestricted Upload of File with Dangerous Type in GitHub repository ampache/ampache prior to 5.5.6.
network
low complexity
ampache
8.8
2021-06-22 CVE-2021-32644 Unspecified vulnerability in Ampache 4.4.2
Ampache is an open source web based audio/video streaming application and file manager.
network
low complexity
ampache
5.4
2021-04-30 CVE-2020-15153 Unspecified vulnerability in Ampache
Ampache before version 4.2.2 allows unauthenticated users to perform SQL injection.
network
low complexity
ampache
critical
9.8
2021-04-13 CVE-2021-21399 Improper Authentication vulnerability in Ampache
Ampache is a web based audio/video streaming application and file manager.
network
low complexity
ampache CWE-287
7.5
2019-08-22 CVE-2019-12386 Cross-site Scripting vulnerability in Ampache
An issue was discovered in Ampache through 3.9.1.
network
low complexity
ampache CWE-79
5.4
2019-08-22 CVE-2019-12385 SQL Injection vulnerability in Ampache
An issue was discovered in Ampache through 3.9.1.
network
low complexity
ampache CWE-89
8.8
2019-05-24 CVE-2017-18375 Deserialization of Untrusted Data vulnerability in Ampache 3.8.3
Ampache 3.8.3 allows PHP Object Instantiation via democratic.ajax.php and democratic.class.php.
network
low complexity
ampache CWE-502
8.8