2 matches found
LimeSurvey <= 3.14.3 Multiple RCE Vulnerabilities
LimeSurvey is prone to multiple remote code execution RCE vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
CVE-2018-1000658
LimeSurvey before version 3.14.4 contains a file-upload vulnerability in the upload feature that allows code execution via a webshell. An authenticated user could upload a ZIP archive containing PHP files and trigger execution under certain conditions. The issue is fixed in version 3.14.4 (commit...