SQL injection vulnerability in admin/admin.php in LimeSurvey before 1.91+ Build 120224 allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a browse action. NOTE: some of these details are obtained from third party information.
CPE | Name | Operator | Version |
---|---|---|---|
limesurvey | eq | 1.80.0 | |
limesurvey | eq | 1.72 | |
limesurvey | eq | 1.85 | |
limesurvey | eq | 1.53.0 | |
limesurvey | eq | <= 1.91 | |
limesurvey | eq | 1.52 | |
limesurvey | eq | 1.87.0 | |
limesurvey | eq | 1.86 | |
limesurvey | eq | 1.90.0 | |
limesurvey | eq | 1.81.0 |