Vulnerabilities > Limesurvey > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-01-27 | CVE-2022-48008 | Unrestricted Upload of File with Dangerous Type vulnerability in Limesurvey 5.4.15 An arbitrary file upload vulnerability in the plugin manager of LimeSurvey v5.4.15 allows attackers to execute arbitrary code via a crafted PHP file. | 9.8 |
| 2022-02-24 | CVE-2021-44967 | Unrestricted Upload of File with Dangerous Type vulnerability in Limesurvey 5.2.4 A Remote Code Execution (RCE) vulnerabilty exists in LimeSurvey 5.2.4 via the upload and install plugins function, which could let a remote malicious user upload an arbitrary PHP code file. | 9.0 |