5 matches found
CVE-2019-9960
creationtimestamp| type| source ---|---|--- 2020-04-14 17:13:45+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/limesurveyziptraversals.rb 2025-02-06 03:13:44+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:20+00:00|...
LimeSurvey Zip Path Traversals
This module exploits an authenticated path traversal vulnerability found in LimeSurvey versions between 4.0 and 4.1.11 with CVE-2020-11455 or 'LimeSurvey Zip Path Traversals', 'Description' = %q This module exploits an authenticated path traversal vulnerability found in LimeSurvey versions betwee...
CVE-2019-9960
The downloadZip function in application/controllers/admin/export.php in LimeSurvey through 3.16.1+190225 allows a relative path...
CVE-2019-9960
LimeSurvey up to version 3.16.1+190225 is affected by CVE-2019-9960 via the downloadZip function in application/controllers/admin/export.php, which improperly handles relative paths and enables arbitrary file download. This is described as a path-traversal vulnerability with high to critical impa...
CVE-2019-9960
The downloadZip function in application/controllers/admin/export.php in LimeSurvey through 3.16.1+190225 allows a relative path. Bugs...