Description Ampache 3.8.3 allows PHP Object Instantiation via democratic.ajax.php and democratic.class.php. Remediation References CVE-2017-18375 Related Vulnerabilities CrushFTP Server Deserialization of Untrusted Data Vulnerability (CVE-2017-14035) WordPress Plugin Contact Form for WordPress-Ultimate Form Builder Lite Multiple Vulnerabilities (1.3.7) Magento Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-8130) Werkzeug WSGI Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-25577) WordPress Plugin Subscribe to Comments Multiple Cross-Site Scripting Vulnerabilities (2.0.4) Severity High Classification CVE-2017-18375 CWE-502 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities