18 matches found
EUVD-2026-24550
An improper authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to determine the names of private repositories by their numeric ID. The mobile upload policy API endpoint did not perform an early authorization check, and validation error...
CVE-2026-5512
An improper authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to determine the names of private repositories by their numeric ID. The mobile upload policy API endpoint did not perform an early authorization check, and validation error...
CVE-2019-16175
A clickjacking vulnerability was found in Limesurvey before 3.17.14...
LimeSurvey 3.17.13 - Cross-Site Scripting
LimeSurvey 3.17.13 - Cross-Site Scripting SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored and reflected XSS vulnerabilities product: LimeSurvey vulnerable version: 3.17.14 CVE number: CVE-2019-16172,...
Limesurvey User Notification Flagging Vulnerability
limesurvey is an open source online questionnaire program with multiple functions such as questionnaire design, modification, release, recovery and statistics. A user notification marking vulnerability exists in Limesurvey versions prior to 3.17.14. An attacker can use this vulnerability to mark...
Limesurvey Reflective Cross-Site Scripting Vulnerability
limesurvey is an open source online questionnaire program with multiple functions such as questionnaire design, modification, release, recovery and statistics. A reflective cross-site scripting vulnerability exists in versions prior to Limesurvey 3.17.14. A remote attacker can exploit this...
Limesurvey Plugin Manager Access Vulnerability
limesurvey is an open source online questionnaire program with multiple functions such as questionnaire design, modification, release, recovery and statistics. A plugin manager access vulnerability exists in Limesurvey versions prior to 3.17.14. An attacker can exploit this vulnerability to acces...
Limesurvey Username Enumeration Vulnerability
limesurvey is an open source online questionnaire program with multiple functions such as questionnaire design, modification, release, recovery and statistics. A username enumeration vulnerability exists in Limesurvey versions prior to 3.17.14. This vulnerability can be exploited by a remote...
Limesurvey Integrity Check Vulnerability
limesurvey is an open source online questionnaire program with multiple functions such as questionnaire design, modification, release, recovery and statistics. An integrity checking vulnerability exists in Limesurvey versions prior to 3.17.14. An attacker can exploit this vulnerability to run...
Limesurvey cross-site scripting vulnerability (CNVD-2019-31355)
limesurvey is an open source online questionnaire program with multiple functions such as questionnaire design, modification, release, recovery and statistics. A stored cross-site scripting vulnerability exists in Limesurvey versions prior to 3.17.14. An attacker can exploit this vulnerability to...
LimeSurvey Cross-Site Scripting Vulnerability (CNVD-2019-31351)
limesurvey is an open source online questionnaire program with multiple functions such as questionnaire design, modification, release, recovery and statistics. A stored cross-site scripting vulnerability exists in versions prior to Limesurvey 3.17.14. An attacker can exploit this vulnerability to...
Limesurvey Database Information Disclosure Vulnerability
limesurvey is an open source online questionnaire program with multiple functions such as questionnaire design, modification, release, recovery and statistics. A database information disclosure vulnerability exists in versions prior to Limesurvey 3.17.14. An attacker can exploit this vulnerabilit...
Limesurvey Path Disclosure Vulnerability
Limesurvey is an open source online questionnaire program with many functions such as questionnaire design, modification, release, recovery and statistics. A path disclosure vulnerability exists in Limesurvey versions prior to 3.17.14. A remote attacker can exploit this vulnerability to discover...
Limesurvey XML Injection Vulnerability
limesurvey is an open source online questionnaire program with many functions such as questionnaire design, modification, release, recovery and statistics. An XML injection vulnerability exists in Limesurvey versions prior to 3.17.14. A remote attacker can exploit this vulnerability to import a...
Limesurvey Menu Item Access Vulnerability
limesurvey is an open source online questionnaire program with many functions such as questionnaire design, modification, release, recovery and statistics. A menu item access vulnerability exists in Limesurvey versions prior to 3.17.14. An attacker can use this vulnerability to view, update, or...
PT-2019-14552 · Limesurvey · Limesurvey
Name of the Vulnerable Software and Affected Versions: LimeSurvey versions prior to 3.17.14 Description: The issue allows for stored XSS, enabling an attacker to escalate privileges from a low-privileged account to a higher-privileged one, such as SuperAdmin. This is achieved by creating a survey...
PT-2019-14553 · Limesurvey · Limesurvey
Name of the Vulnerable Software and Affected Versions: LimeSurvey versions prior to 3.17.14 Description: The issue allows for reflected XSS, enabling the escalation of privileges from a low-privileged account to a higher-privileged one, such as SuperAdmin. This occurs in the application/core/Surv...
CVE-2017-16801
Cross-site scripting XSS vulnerability in Octopus Deploy 3.7.0-3.17.13 fixed in 3.17.14 allows remote authenticated users to inject arbitrary web script or HTML via the Step Template Name parameter...