Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ampache — Vulnerabilities & Security Advisories 18

Browse all 18 CVE security advisories affecting ampache. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by ampache:ampacheampache/ampache
CVE IDTitleCVSSSeverityPublished
CVE-2024-51484 Insufficient Validation in Controllers (Activation/Deactivation) in Ampache — ampacheCWE-352 6.5AIMediumAI2024-11-11
CVE-2024-51485 Insufficient Validation in Plugins (Activation/Deactivation) in Ampache — ampacheCWE-352 6.5AIMediumAI2024-11-11
CVE-2024-51486 Stored Cross-Site Scripting in Ampache — ampacheCWE-79 5.5 Medium2024-11-11
CVE-2024-51487 Insufficient Validation in Catalog (Activation/Deactivation) in Ampache — ampacheCWE-352 6.5AIMediumAI2024-11-11
CVE-2024-51488 Insufficient Validation in Delete Message in Ampache — ampacheCWE-352 8.1AIHighAI2024-11-11
CVE-2024-51489 Insufficient Message Token Validation in Ampache — ampacheCWE-352 8.1AIHighAI2024-11-11
CVE-2024-51490 Stored Cross-Site Scripting in Ampache — ampacheCWE-79 5.5 Medium2024-11-11
CVE-2024-47828 Cross-Site Request Forgery in ampache — ampacheCWE-352 5.3 Medium2024-10-09
CVE-2024-47184 Ampache vulnerable to Stored XSS via Democratic Playlist Name — ampacheCWE-79 6.1 Medium2024-09-27
CVE-2024-41665 Ampache Stored Cross-site Scripting Vulnerability — ampacheCWE-79 5.5 Medium2024-07-23
CVE-2024-28852 Ampache has multiple reflective XSS vulnerabilities — ampacheCWE-79 6.1 Medium2024-03-27
CVE-2024-28853 Ampache Stored XSS — ampacheCWE-79 3.9 Low2024-03-27
CVE-2023-0771 SQL Injection in ampache/ampache — ampache/ampacheCWE-89 8.8 -2023-02-10
CVE-2023-0606 Cross-site Scripting (XSS) - Reflected in ampache/ampache — ampache/ampacheCWE-79 6.1 -2023-02-01
CVE-2022-4665 Unrestricted Upload of File with Dangerous Type in ampache/ampache — ampache/ampacheCWE-434 8.0 -2022-12-23
CVE-2021-32644 Cross-site Scripting in Random.php — ampacheCWE-79 6.4 Medium2021-06-22
CVE-2020-15153 Unauthenticated SQL injection in Ampache — ampacheCWE-89 8.2 High2021-04-30
CVE-2021-21399 Unauthenticated SubSonic backend access in Ampache — ampacheCWE-284 9.1 Critical2021-04-13

This page lists every published CVE security advisory associated with ampache. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.