LimeSurvey before v5.0.4 exists to contain a SQL injection vulnerability via the component /application/views/themeOptions/update.php.
limesurvey limesurvey 5.4.4