Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Ampache Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2020-15153 - Vulnerability Database
Ampache

Ampache Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2020-15153

Critical
Reference: CVE-2020-15153
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-15153
Title: Ampache Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Overview:

Ampache before version 4.2.2 allows unauthenticated users to perform SQL injection. Refer to the referenced GitHub Security Advisory for details and a workaround. This is fixed in version 4.2.2 and the development branch.