Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
limesurvey limesurvey vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2020-25798
A stored cross-site scripting (XSS) vulnerability in LimeSurvey before and including 3.21.1 allows authenticated users with correct permissions to inject arbitrary web script or HTML via parameter ParticipantAttributeNamesDropdown of the Attributes on the central participant data...
Limesurvey Limesurvey
790
VMScore
CVE-2019-9960
The downloadZip function in application/controllers/admin/export.php in LimeSurvey up to and including 3.16.1+190225 allows a relative path.
Limesurvey Limesurvey
1 Metasploit module
578
VMScore
CVE-2015-4628
SQL injection vulnerability in application/controllers/admin/questiongroups.php in LimeSurvey prior to 2.06+ Build 150618 allows remote authenticated administrators to execute arbitrary SQL commands via the sid parameter.
Limesurvey Limesurvey
685
VMScore
CVE-2007-5573
PHP remote file inclusion vulnerability in classes/core/language.php in LimeSurvey 1.5.2 and previous versions allows remote malicious users to execute arbitrary PHP code via a URL in the rootdir parameter.
Limesurvey Limesurvey
1 EDB exploit
355
VMScore
CVE-2019-16173
LimeSurvey before v3.17.14 allows reflected XSS for escalating privileges from a low-privileged account to, for example, SuperAdmin. This occurs in application/core/Survey_Common_Action.php,
Limesurvey Limesurvey
1 EDB exploit
383
VMScore
CVE-2019-16175
A clickjacking vulnerability was found in Limesurvey prior to 3.17.14.
Limesurvey Limesurvey
445
VMScore
CVE-2019-16177
In Limesurvey prior to 3.17.14, the entire database is exposed through browser caching.
Limesurvey Limesurvey
445
VMScore
CVE-2019-16179
Limesurvey prior to 3.17.14 does not enforce SSL/TLS usage in the default configuration.
Limesurvey Limesurvey
356
VMScore
CVE-2019-16181
In Limesurvey prior to 3.17.14, admin users can mark other users' notifications as read.
Limesurvey Limesurvey
356
VMScore
CVE-2019-16183
In Limesurvey prior to 3.17.14, admin users can run an integrity check without proper permissions.
Limesurvey Limesurvey
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »