SQL injection vulnerability in Limesurvey (a.k.a PHPSurveyor) before 1.91+ Build 120224 and earlier allows remote attackers to execute arbitrary SQL commands via the fieldnames parameter to index.php.
CPE | Name | Operator | Version |
---|---|---|---|
limesurvey | eq | 1.80.0 | |
limesurvey | eq | 1.70 | |
limesurvey | eq | 1.52 | |
limesurvey | eq | 1.49 rc2 | |
limesurvey | eq | 1.81.0 | |
limesurvey | eq | 1.81 | |
limesurvey | eq | 1.80 rc4 | |
limesurvey | eq | <= 1.90 | |
limesurvey | eq | 1.49.0-rc2 | |
limesurvey | eq | 1.5.2 |