Description Ampache 3.8.3 allows PHP Object Instantiation via democratic.ajax.php and democratic.class.php. Remediation References CVE-2017-18375 Related Vulnerabilities WordPress Plugin Share Buttons by AddThis Cross-Site Scripting (5.0.12) WordPress Plugin WP ERP-Complete WordPress Business Manager with HR, CRM & Accounting Systems for Small Businesses Cross-Site Request Forgery (1.6.3) Oracle JRE CVE-2014-2402 Vulnerability (CVE-2014-2402) WordPress 4.2.3 Multiple Vulnerabilities (0.7 - 4.2.3) XWiki Missing Authorization Vulnerability (CVE-2023-41046) Severity High Classification CVE-2017-18375 CWE-502 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Tags Missing Update Known Vulnerabilities