Total
64 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-2571 | 1 Limesurvey | 1 Limesurvey | 2024-02-28 | 4.3 MEDIUM | N/A |
Cross-site request forgery (CSRF) vulnerability in LimeSurvey (formerly PHPSurveyor) before 1.71 allows remote attackers to change arbitrary quotas as administrators via a "modify quota" action. | |||||
CVE-2009-1604 | 1 Limesurvey | 1 Limesurvey | 2024-02-28 | 7.5 HIGH | N/A |
Unspecified vulnerability in LimeSurvey before 1.82 allows remote attackers to execute commands and obtain sensitive data via unknown attack vectors related to /admin/remotecontrol/. | |||||
CVE-2007-5573 | 1 Limesurvey | 1 Limesurvey | 2024-02-28 | 6.8 MEDIUM | N/A |
PHP remote file inclusion vulnerability in classes/core/language.php in LimeSurvey 1.5.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootdir parameter. | |||||
CVE-2007-3632 | 1 Limesurvey | 1 Limesurvey | 2024-02-28 | 6.8 MEDIUM | N/A |
Multiple PHP remote file inclusion vulnerabilities in LimeSurvey (aka PHPSurveyor) 1.49RC2 allow remote attackers to execute arbitrary PHP code via a URL in the homedir parameter to (1) OLE/PPS/File.php, (2) OLE/PPS/Root.php, (3) Spreadsheet/Excel/Writer.php, or (4) OLE/PPS.php in admin/classes/pear/; or (5) Worksheet.php, (6) Parser.php, (7) Workbook.php, (8) Format.php, or (9) BIFFwriter.php in admin/classes/pear/Spreadsheet/Excel/Writer/. |