Vulnerabilities > Limesurvey > Limesurvey > 1.92
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-09-03 | CVE-2018-16397 | Unrestricted Upload of File with Dangerous Type vulnerability in Limesurvey In LimeSurvey before 3.14.7, an admin user can leverage a "file upload" question to read an arbitrary file, | 4.0 |
2015-06-18 | CVE-2015-4628 | SQL Injection vulnerability in Limesurvey SQL injection vulnerability in application/controllers/admin/questiongroups.php in LimeSurvey before 2.06+ Build 150618 allows remote authenticated administrators to execute arbitrary SQL commands via the sid parameter. | 6.5 |