Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:32 a.m.12 views

CVE-2019-16172

LimeSurvey before v3.17.14 allows stored XSS for escalating privileges from a low-privileged account to, for example, SuperAdmin. The attack uses a survey group in which the title contains JavaScript that is mishandled upon group deletion...

5.4CVSS5.7AI score0.04611EPSS
Exploits7References1
GithubExploit
GithubExploit
added 2024/10/05 8:30 a.m.92 views

Exploit for Cross-site Scripting in Limesurvey

CVE-2019-16172 The CVE-2019-16172 Scanner is designed to check...

5.4CVSS6.6AI score0.04611EPSS
Exploits7
0day.today
0day.today
added 2019/09/16 12:0 a.m.105 views

LimeSurvey 3.17.13 - Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications ======================================================================= title: Stored and reflected XSS vulnerabilities product: LimeSurvey vulnerable version: 3.17.14 CVE number: CVE-2019-16172, CVE-2019-16173 impact: medium homepage:...

3.5CVSS0.2AI score0.04611EPSS
Exploits8
OpenVAS
OpenVAS
added 2019/09/16 12:0 a.m.51 views

LimeSurvey < 3.17.14 Multiple Vulnerabilities

LimeSurvey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.5AI score0.04611EPSS
Exploits8References1
0day.today
0day.today
added 2019/09/13 12:0 a.m.77 views

LimeSurvey 3.17.13 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications ======================================================================= title: Stored and reflected XSS vulnerabilities product: LimeSurvey vulnerable version: 3.17.14 CVE number: CVE-2019-16172, CVE-2019-16173 impact: medium homepage:...

3.5CVSS0.2AI score0.04611EPSS
Exploits8
Circl
Circl
added 2019/09/13 12:0 a.m.22 views

CVE-2019-16172

creationtimestamp| type| source ---|---|--- 2019-09-13 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/47386...

5.4CVSS6.8AI score0.04611EPSS
Exploits7References1
exploitpack
exploitpack
added 2019/09/13 12:0 a.m.102 views

LimeSurvey 3.17.13 - Cross-Site Scripting

LimeSurvey 3.17.13 - Cross-Site Scripting SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored and reflected XSS vulnerabilities product: LimeSurvey vulnerable version: 3.17.14 CVE number: CVE-2019-16172,...

3.5CVSS0.2AI score0.04611EPSS
Exploits8
Exploit DB
Exploit DB
added 2019/09/13 12:0 a.m.299 views

LimeSurvey 3.17.13 - Cross-Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored and reflected XSS vulnerabilities product: LimeSurvey vulnerable version: 3.17.14 CVE number: CVE-2019-16172, CVE-2019-16173 impact: medium homepage:...

5.4CVSS6.2AI score0.04611EPSS
Exploits8
Cvelist
Cvelist
added 2019/09/09 6:23 p.m.49 views

CVE-2019-16172

LimeSurvey before v3.17.14 allows stored XSS for escalating privileges from a low-privileged account to, for example, SuperAdmin. The attack uses a survey group in which the title contains JavaScript that is mishandled upon group deletion...

5.6AI score0.04611EPSS
Exploits7References5
CVE
CVE
added 2019/09/09 6:23 p.m.117 views

CVE-2019-16172

LimeSurvey is affected by CVE-2019-16172 (and related CVEs) via a stored XSS in versions prior to 3.17.14. The root cause is improper validation when creating a survey group, where the group title can contain JavaScript that is mishandled upon group deletion, allowing an attacker with low privile...

5.4CVSS5.4AI score0.04611EPSS
Exploits7References5Affected Software1
Rows per page
Query Builder