Vulnerabilities > Ampache > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-09 | CVE-2024-47828 | Cross-Site Request Forgery (CSRF) vulnerability in Ampache ampache is a web based audio/video streaming application and file manager. | 6.5 |
| 2024-09-27 | CVE-2024-47184 | Cross-site Scripting vulnerability in Ampache Ampache is a web based audio/video streaming application and file manager. | 4.8 |
| 2023-02-01 | CVE-2023-0606 | Cross-site Scripting vulnerability in Ampache Cross-site Scripting (XSS) - Reflected in GitHub repository ampache/ampache prior to 5.5.7. | 6.1 |
| 2019-08-22 | CVE-2019-12385 | SQL Injection vulnerability in Ampache An issue was discovered in Ampache through 3.9.1. | 6.5 |
| 2019-05-24 | CVE-2017-18375 | Deserialization of Untrusted Data vulnerability in Ampache 3.8.3 Ampache 3.8.3 allows PHP Object Instantiation via democratic.ajax.php and democratic.class.php. | 6.5 |
| 2007-08-20 | CVE-2007-4438 | Improper Authentication vulnerability in Ampache Session fixation vulnerability in Ampache before 3.3.3.5 allows remote attackers to hijack web sessions via unspecified vectors. | 6.8 |
| 2007-08-20 | CVE-2007-4437 | SQL Injection vulnerability in Ampache Albums.PHP SQL injection vulnerability in albums.php in Ampache before 3.3.3.5 allows remote attackers to execute arbitrary SQL commands via the match parameter. network ampache | 6.8 |