Description: Some vulnerabilities have been reported in Ampache, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct session fixation attacks.
1) Input passed to the "match" parameter in albums.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
2) An error in the session handling code can be exploited to hijack another user's session by tricking the user into logging in after following a specially crafted link.
The vulnerabilities are reported in versions prior to 3.3.3.5.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.