CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2019-16186
https://notcve.org/view.php?id=CVE-2019-16186
09 Sep 2019 — In Limesurvey before 3.17.14, admin users can access the plugin manager without proper permissions. En Limesurvey versiones anteriores a 3.17.14, usuarios administradores pueden acceder al administrador de plugins sin permisos apropiados. • https://github.com/LimeSurvey/LimeSurvey/commit/5870fd1037058bc4e43cccf893b576c72293371e#diff-d539f3f8185667ee48db78e1bf65a3b4R49 • CWE-276: Incorrect Default Permissions •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-16187
https://notcve.org/view.php?id=CVE-2019-16187
09 Sep 2019 — Limesurvey before 3.17.14 uses an anti-CSRF cookie without the HttpOnly flag, which allows attackers to access a cookie value via a client-side script. Limesurvey versiones anteriores a 3.17.14, utiliza una cookie anti-CSRF sin el flag HttpOnly, lo que permite a atacantes acceder a un valor de cookie por medio de un script del lado del cliente. • https://github.com/LimeSurvey/LimeSurvey/commit/5870fd1037058bc4e43cccf893b576c72293371e#diff-d539f3f8185667ee48db78e1bf65a3b4R48 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 5CVE-2019-16172 – LimeSurvey 3.17.13 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2019-16172
09 Sep 2019 — LimeSurvey before v3.17.14 allows stored XSS for escalating privileges from a low-privileged account to, for example, SuperAdmin. The attack uses a survey group in which the title contains JavaScript that is mishandled upon group deletion. LimeSurvey versiones anteriores a v3.17.14, permite un ataque de tipo XSS almacenado para escalar los privilegios desde una cuenta con pocos privilegios para, por ejemplo, SuperAdmin. El ataque utiliza un grupo de encuesta en el que el título contiene JavaScript que es ma... • https://www.exploit-db.com/exploits/47386 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 4CVE-2019-16173 – LimeSurvey 3.17.13 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2019-16173
09 Sep 2019 — LimeSurvey before v3.17.14 allows reflected XSS for escalating privileges from a low-privileged account to, for example, SuperAdmin. This occurs in application/core/Survey_Common_Action.php, LimeSurvey versiones anteriores a v3.17.14, permite un ataque de tipo XSS reflejado para escalar los privilegios desde una cuenta con pocos privilegios para, por ejemplo, SuperAdmin. Esto ocurre en el archivo application/core/Survey_Common_Action.php. LimeSurvey versions 3.17.13 and below suffer from reflective and pers... • https://www.exploit-db.com/exploits/47386 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-15640
https://notcve.org/view.php?id=CVE-2019-15640
26 Aug 2019 — Limesurvey before 3.17.10 does not validate both the MIME type and file extension of an image. Limesurvey versiones anteriores a 3.17.10, no valida tanto el tipo MIME como la extensión de archivo de una imagen. • https://github.com/LimeSurvey/LimeSurvey/commit/0479e3ff93ff1473a25c71e83cc011920b072b4c#diff-d539f3f8185667ee48db78e1bf65a3b4R43 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-9960 – LimeSurvey Zip Path Traversals
https://notcve.org/view.php?id=CVE-2019-9960
24 Mar 2019 — The downloadZip function in application/controllers/admin/export.php in LimeSurvey through 3.16.1+190225 allows a relative path. La función downloadZip en application/controllers/admin/export.php en LimeSurvey, hasta la versión 3.16.1+190225, permite una ruta relativa. • https://github.com/LimeSurvey/LimeSurvey/commit/1ed10d3c423187712b8f6a8cb2bc9d5cc3b2deb8 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-20322
https://notcve.org/view.php?id=CVE-2018-20322
21 Dec 2018 — LimeSurvey version 3.15.5 contains a Cross-site scripting (XSS) vulnerability in Survey Resource zip upload, resulting in Javascript code execution against LimeSurvey administrators. Fixed in version 3.15.6. LimeSurvey, en su versión 3.15.5, contiene una vulnerabilidad de Cross Site Scripting (XSS) en la subida del zip "Survey Resource" que puede resultar en la ejecución de código JavaScript contra los administradores de LimeSurvey. Esto se solucionó en la versión 3.15.6. • https://bugs.limesurvey.org/view.php?id=14376 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 10%CPEs: 2EXPL: 2CVE-2018-17057 – LimeSurvey < 3.16 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2018-17057
14 Sep 2018 — An issue was discovered in TCPDF before 6.2.22. Attackers can trigger deserialization of arbitrary data via the phar:// wrapper. Se ha descubierto un problema en TCPDF en versiones anteriores a la 6.2.22. Los atacantes pueden desencadenar la deserialización de datos arbitrarios mediante el wrapper phar: . TCPDF versions 6.2.19 and below suffer from a deserialization vulnerability that can allow for remote code execution. • https://www.exploit-db.com/exploits/46634 • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1000658
https://notcve.org/view.php?id=CVE-2018-1000658
06 Sep 2018 — LimeSurvey version prior to 3.14.4 contains a file upload vulnerability in upload functionality that can result in an attacker gaining code execution via webshell. This attack appear to be exploitable via an authenticated user uploading a zip archive which can contains malicious php files that can be called under certain circumstances. This vulnerability appears to have been fixed in after commit 91d143230eb357260a19c8424b3005deb49a47f7 / version 3.14.4. LimeSurvey en versiones anteriores a la 3.14.4 contie... • https://github.com/LimeSurvey/LimeSurvey/commit/20fc85edccc80e7e7f162613542792380c44446a • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1000659
https://notcve.org/view.php?id=CVE-2018-1000659
06 Sep 2018 — LimeSurvey version 3.14.4 and earlier contains a directory traversal in file upload that allows upload of webshell vulnerability in file upload functionality that can result in remote code execution as authenticated user. This attack appear to be exploitable via An authenticated user can upload a specially crafted zip file to get remote code execution. This vulnerability appears to have been fixed in after commit 72a02ebaaf95a80e26127ee7ee2b123cccce05a7 / version 3.14.4. LimeSurvey en su versión 3.14.4 y an... • https://github.com/LimeSurvey/LimeSurvey/commit/72a02ebaaf95a80e26127ee7ee2b123cccce05a7 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •