Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
limesurvey vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2018-17057
An issue exists in TCPDF prior to 6.2.22. Attackers can trigger deserialization of arbitrary data via the phar:// wrapper.
Tecnick Tcpdf
Limesurvey Limesurvey
1 EDB exploit
2 Github repositories
4.3
CVSSv2
CVE-2020-22607
Cross Site Scripting vulnerabilty in LimeSurvey 4.1.11+200316 via the (1) name and (2) description parameters in application/controllers/admin/PermissiontemplatesController.php.
Limesurvey Limesurvey 4.1.11\\+200316
6.4
CVSSv2
CVE-2018-7556
LimeSurvey 2.6.x prior to 2.6.7, 2.7x.x prior to 2.73.1, and 3.x prior to 3.4.2 mishandles application/controller/InstallerController.php after installation, which allows remote malicious users to access the configuration file.
Limesurvey Limesurvey
Debian Debian Linux 7.0
NA
CVE-2024-24506
Cross Site Scripting (XSS) vulnerability in Lime Survey Community Edition Version v.5.3.32+220817, allows remote malicious users to execute arbitrary code via the Administrator email address parameter in the General Setting function.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7