Description
Ampache 3.8.3 allows PHP Object Instantiation via democratic.ajax.php and democratic.class.php.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2014-2414 Vulnerability (CVE-2014-2414)
WordPress Plugin Processing Embed 'pluginurl' Parameter Cross-Site Scripting (0.5)
WordPress Plugin Connections Business Directory Cross-Site Scripting (8.5.8)
Oracle JRE CVE-2013-2442 Vulnerability (CVE-2013-2442)
Jenkins Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2017-2612)