Lucene search
+L

CVE-2021-44967

🗓️ 22 Feb 2022 21:17:32Reported by mitreType 
cve
 cve
🔗 web.nvd.nist.gov👁 106 Views🌐 WEB

A Remote Code Execution (RCE) vulnerability in LimeSurvey 5.2.4 allows remote upload of arbitrary PHP code file

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
GithubExploit
Exploit for Unrestricted Upload of File with Dangerous Type in Limesurvey
5 Jan 202513:12
githubexploit
Circl
CVE-2021-44967
5 Jan 202523:48
circl
CNNVD
LimeSurvey 代码问题漏洞
24 Feb 202200:00
cnnvd
Cvelist
CVE-2021-44967
22 Feb 202221:17
cvelist
NVD
CVE-2021-44967
24 Feb 202215:15
nvd
OpenVAS
LimeSurvey <= 5.2.4 RCE Vulnerability
30 May 202200:00
openvas
OSV
BIT-LIMESURVEY-2021-44967
6 Mar 202410:56
osv
Packet Storm
📄 LimeSurvey 5.2.4 Remote Code Execution
3 Feb 202600:00
packetstorm
Packet Storm News
LimeSurvey 5.2.4 Shell Upload
18 Feb 202500:00
packetstormnews
Prion
Remote code execution
24 Feb 202215:15
prion
Rows per page
NVD
Node
ParameterPositionPathDescriptionCWE
the_filerequest bodyindex.php/admin/pluginmanager?sa=uploadRCE via plugin upload in LimeSurvey 5.2.4 allowing arbitrary PHP code execution by uploading a malicious plugin archive.CWE-434

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 04:13Current
9High risk
Vulners AI Score9
CVSS 3.18.8
CVSS 29
EPSS0.13395
106