11 matches found
EUVD-2021-19468
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-32644
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Ampache is an open source web based audio/video streaming application and file manager. Due to a lack of input filtering versions 4.x.y are vulnerable to code...
Ampache 4.4.2 Cross Site Scripting
Information -------------------- Advisory by Netsparker Name: Cross-site Scripting vulnerability in Ampache 4.4.2 Affected Software: Ampache Affected Versions: 4.4.2 Homepage: http://ampache.org/ Vulnerability: Cross-Site Scripting Severity: High Status: Fixed CVSS Score 3.0: 7.4 High Netsparker...
Code injection
Ampache is an open source web based audio/video streaming application and file manager. Due to a lack of input filtering versions 4.x.y are vulnerable to code injection in random.php. The attack requires user authentication to access the random.php page unless the site is running in demo mode. Th...
UBUNTU-CVE-2021-32644
Ampache is an open source web based audio/video streaming application and file manager. Due to a lack of input filtering versions 4.x.y are vulnerable to code injection in random.php. The attack requires user authentication to access the random.php page unless the site is running in demo mode. Th...
CVE-2021-32644
Ampache is an open source web based audio/video streaming application and file manager. Due to a lack of input filtering versions 4.x.y are vulnerable to code injection in random.php. The attack requires user authentication to access the random.php page unless the site is running in demo mode. Th...
CVE-2021-32644 Cross-site Scripting in Random.php
Ampache is an open source web based audio/video streaming application and file manager. Due to a lack of input filtering versions 4.x.y are vulnerable to code injection in random.php. The attack requires user authentication to access the random.php page unless the site is running in demo mode. Th...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Netjuke 1.0-rc2 allow remote attackers to inject arbitrary web script or HTML via 1 the val parameter to alphabet.php in an alpha.albums action, or the PATHINFO to 2 random.php or 3 admin/hidden.php...
CVE-2007-4811
Multiple cross-site scripting XSS vulnerabilities in Netjuke 1.0-rc2 allow remote attackers to inject arbitrary web script or HTML via 1 the val parameter to alphabet.php in an alpha.albums action, or the PATHINFO to 2 random.php or 3 admin/hidden.php...
CVE-2007-4811
CVE-2007-4811 concerns multiple cross-site scripting (XSS) vulnerabilities in Netjuke 1.0-rc2. The affected entry indicates that remote attackers can inject arbitrary web script or HTML via (1) the val parameter to alphabet.php in an alpha.albums action, or (2) the PATH_INFO to random.php, or (3)...
CVE-2007-4811
Multiple cross-site scripting XSS vulnerabilities in Netjuke 1.0-rc2 allow remote attackers to inject arbitrary web script or HTML via 1 the val parameter to alphabet.php in an alpha.albums action, or the PATHINFO to 2 random.php or 3 admin/hidden.php...