12 matches found
EUVD-2026-24550
An improper authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to determine the names of private repositories by their numeric ID. The mobile upload policy API endpoint did not perform an early authorization check, and validation error...
CVE-2026-5512
An improper authorization vulnerability was identified in GitHub Enterprise Server that allowed an authenticated attacker to determine the names of private repositories by their numeric ID. The mobile upload policy API endpoint did not perform an early authorization check, and validation error...
CVE-2019-16175
A clickjacking vulnerability was found in Limesurvey before 3.17.14...
LimeSurvey 3.17.13 - Cross-Site Scripting
LimeSurvey 3.17.13 - Cross-Site Scripting SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored and reflected XSS vulnerabilities product: LimeSurvey vulnerable version: 3.17.14 CVE number: CVE-2019-16172,...
Limesurvey cross-site scripting vulnerability (CNVD-2019-31355)
limesurvey is an open source online questionnaire program with multiple functions such as questionnaire design, modification, release, recovery and statistics. A stored cross-site scripting vulnerability exists in Limesurvey versions prior to 3.17.14. An attacker can exploit this vulnerability to...
Limesurvey Reflective Cross-Site Scripting Vulnerability
limesurvey is an open source online questionnaire program with multiple functions such as questionnaire design, modification, release, recovery and statistics. A reflective cross-site scripting vulnerability exists in versions prior to Limesurvey 3.17.14. A remote attacker can exploit this...
Limesurvey Plugin Manager Access Vulnerability
limesurvey is an open source online questionnaire program with multiple functions such as questionnaire design, modification, release, recovery and statistics. A plugin manager access vulnerability exists in Limesurvey versions prior to 3.17.14. An attacker can exploit this vulnerability to acces...
Limesurvey Database Information Disclosure Vulnerability
limesurvey is an open source online questionnaire program with multiple functions such as questionnaire design, modification, release, recovery and statistics. A database information disclosure vulnerability exists in versions prior to Limesurvey 3.17.14. An attacker can exploit this vulnerabilit...
Limesurvey XML Injection Vulnerability
limesurvey is an open source online questionnaire program with many functions such as questionnaire design, modification, release, recovery and statistics. An XML injection vulnerability exists in Limesurvey versions prior to 3.17.14. A remote attacker can exploit this vulnerability to import a...
LimeSurvey Cross-Site Scripting Vulnerability (CNVD-2019-31351)
limesurvey is an open source online questionnaire program with multiple functions such as questionnaire design, modification, release, recovery and statistics. A stored cross-site scripting vulnerability exists in versions prior to Limesurvey 3.17.14. An attacker can exploit this vulnerability to...
Limesurvey Integrity Check Vulnerability
limesurvey is an open source online questionnaire program with multiple functions such as questionnaire design, modification, release, recovery and statistics. An integrity checking vulnerability exists in Limesurvey versions prior to 3.17.14. An attacker can exploit this vulnerability to run...
PT-2019-14553 · Limesurvey · Limesurvey
Name of the Vulnerable Software and Affected Versions: LimeSurvey versions prior to 3.17.14 Description: The issue allows for reflected XSS, enabling the escalation of privileges from a low-privileged account to a higher-privileged one, such as SuperAdmin. This occurs in the application/core/Surv...