RSS   Vulnerabilities for 'Ampache'   RSS

2008-09-04
 
CVE-2008-3929

CWE-59
 

 
gather-messages.sh in Ampache 3.4.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/filelist temporary file.

 
2007-08-20
 
CVE-2007-4438

CWE-287
 

 
Session fixation vulnerability in Ampache before 3.3.3.5 allows remote attackers to hijack web sessions via unspecified vectors.

 
 
CVE-2007-4437

 

 
SQL injection vulnerability in albums.php in Ampache before 3.3.3.5 allows remote attackers to execute arbitrary SQL commands via the match parameter. NOTE: some details are obtained from third party information.

 
2006-11-02
 
CVE-2006-5668

 

 
Unspecified vulnerability in Ampache 3.3.2 and earlier, when register_globals is enabled, allows remote attackers to bypass security restrictions and gain guest access.

 


Copyright 2017, cxsecurity.com