Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
limesurvey limesurvey vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2019-14512
LimeSurvey 3.17.7+190627 has XSS via Boxes in application/extensions/PanelBoxWidget/views/box.php or a label title in application/views/admin/labels/labelview_view.php.
Limesurvey Limesurvey 3.17.7\\+190627
7.5
CVSSv2
CVE-2018-17057
An issue exists in TCPDF prior to 6.2.22. Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
Tecnick Tcpdf
Limesurvey Limesurvey
1 EDB exploit
2 Github repositories
6.4
CVSSv2
CVE-2018-7556
LimeSurvey 2.6.x prior to 2.6.7, 2.7x.x prior to 2.73.1, and 3.x prior to 3.4.2 mishandles application/controller/InstallerController.php after installation, which allows remote malicious users to access the configuration file.
Limesurvey Limesurvey
Debian Debian Linux 7.0
NA
CVE-2024-24506
Cross Site Scripting (XSS) vulnerability in Lime Survey Community Edition Version v.5.3.32+220817, allows remote malicious users to execute arbitrary code via the Administrator email address parameter in the General Setting function.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7