Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Unauthenticated SQL injection in Ampache
Vulnerability Description
Ampache before version 4.2.2 allows unauthenticated users to perform SQL injection. Refer to the referenced GitHub Security Advisory for details and a workaround. This is fixed in version 4.2.2 and the development branch.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
Ampache SQL注入漏洞
Vulnerability Description
Ampache是一款基于Web的音频/视频应用程序和文件管理器。 Ampache 4.2.2之前版本存在SQL注入漏洞,该漏洞允许未经身份验证的用户执行SQL注入。
CVSS Information
N/A
Vulnerability Type
N/A