CVE-2017-18375

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2017-18375
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-18375.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-18375
Downstream
Published
2019-05-24T18:29:00.723Z
Modified
2025-11-20T10:39:48.935209Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Ampache 3.8.3 allows PHP Object Instantiation via democratic.ajax.php and democratic.class.php.

References

Affected packages

Git / github.com/ampache/ampache

Affected ranges

Type
GIT
Repo
https://github.com/ampache/ampache
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
74259b9c41aacb8cc2bd6ef1c1b513fe4d72a551

Affected versions

3.*
3.6-alpha1
3.6-alpha2
3.6-alpha3
3.6-alpha4
3.6-alpha5
3.6-alpha6
3.7.0
3.8.0
3.8.0-beta1
3.8.0-beta2
3.8.1
3.8.1-beta1
3.8.1-beta2
3.8.2
3.8.3

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-18375.json"