SQL injection vulnerability in admin/admin.php in LimeSurvey prior to 1.91+ Build 120224 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a browse action. NOTE: some of these details are obtained from third party information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
limesurvey limesurvey 1.90\\+ |
||
limesurvey limesurvey 1.87\\+ |
||
limesurvey limesurvey 1.70\\+ |
||
limesurvey limesurvey 1.53\\+ |
||
limesurvey limesurvey 1.86 |
||
limesurvey limesurvey 1.85 |
||
limesurvey limesurvey 1.52 |
||
limesurvey limesurvey 1.50 |
||
limesurvey limesurvey |
||
limesurvey limesurvey 1.72 |
||
limesurvey limesurvey 1.71\\+ |
||
limesurvey limesurvey 1.82\\+ |
||
limesurvey limesurvey 1.81\\+ |
||
limesurvey limesurvey 1.80\\+ |
||
limesurvey limesurvey 1.01 |