SQL injection vulnerability in CPDB in application/controllers/admin/participantsaction.php in LimeSurvey 2.05+ Build 140618 allows remote malicious users to execute arbitrary SQL commands via the sidx parameter in a JSON request to admin/participants/sa/getParticipants_json, related to a search parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
limesurvey limesurvey 2.05\\+ |