Description
An issue was discovered in Ampache through 3.9.1. The search engine is affected by a SQL Injection, so any user able to perform lib/class/search.class.php searches (even guest users) can dump any data contained in the database (sessions, hashed passwords, etc.). This may lead to a full compromise of admin accounts, when combined with the weak password generator algorithm used in the lostpassword functionality.
Remediation
References
Related Vulnerabilities
Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-7888)
SharePoint CVE-2017-8511 Vulnerability (CVE-2017-8511)
Internet Information Services Other Vulnerability (CVE-2002-0869)
WordPress Plugin Events Manager Extended Multiple HTML Injection Vulnerabilities (3.1.2)
WordPress Multiple Cross-Site Scripting Vulnerabilities (2.0 - 2.0.1)