WEB APPLICATION VULNERABILITIES Standard & Premium

Ampache Deserialization of Untrusted Data Vulnerability (CVE-2017-18375)

Description

Ampache 3.8.3 allows PHP Object Instantiation via democratic.ajax.php and democratic.class.php.

Remediation

References

Related Vulnerabilities

WordPress Plugin Share Buttons by AddThis Cross-Site Scripting (5.0.12)

WordPress Plugin WP ERP-Complete WordPress Business Manager with HR, CRM & Accounting Systems for Small Businesses Cross-Site Request Forgery (1.6.3)

Oracle JRE CVE-2014-2402 Vulnerability (CVE-2014-2402)

WordPress 4.2.3 Multiple Vulnerabilities (0.7 - 4.2.3)

XWiki Missing Authorization Vulnerability (CVE-2023-41046)

Severity

High

Classification

CVE-2017-18375 CWE-502 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities