NotCVE - vendor:"Limesurvey" product:"Limesurvey" version:"1.82\ "

Page 4 of 36 results (0.001 seconds)

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-16182

https://notcve.org/view.php?id=CVE-2019-16182

A reflected cross-site scripting (XSS) vulnerability was found in Limesurvey before 3.17.14 that allows remote attackers to inject arbitrary web script or HTML via extensions of uploaded files. Se encontró una vulnerabilidad de tipo cross-site scripting (XSS) reflejada en Limesurvey versiones anteriores a 3.17.14, que permite a atacantes remotos inyectar script web o HTML arbitrario por medio de extensiones de archivos cargados. • https://github.com/LimeSurvey/LimeSurvey/commit/5870fd1037058bc4e43cccf893b576c72293371e#diff-d539f3f8185667ee48db78e1bf65a3b4R57 https://www.limesurvey.org/limesurvey-updates/2188-limesurvey-3-17-14-build-190902-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-16183

https://notcve.org/view.php?id=CVE-2019-16183

In Limesurvey before 3.17.14, admin users can run an integrity check without proper permissions. En Limesurvey versiones anteriores a 3.17.14, usuarios administradores pueden ejecutar una comprobación de integridad sin los permisos apropiados. • https://github.com/LimeSurvey/LimeSurvey/commit/5870fd1037058bc4e43cccf893b576c72293371e#diff-d539f3f8185667ee48db78e1bf65a3b4R50 https://www.limesurvey.org/limesurvey-updates/2188-limesurvey-3-17-14-build-190902-released • CWE-276: Incorrect Default Permissions •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-16184

https://notcve.org/view.php?id=CVE-2019-16184

A CSV injection vulnerability was found in Limesurvey before 3.17.14 that allows survey participants to inject commands via their survey responses that will be included in the export CSV file. Se encontró una vulnerabilidad de inyección CSV en Limesurvey versiones anteriores a 3.17.14, que permite a los participantes de la encuesta inyectar comandos por medio de sus respuestas a la encuesta que se incluirán en el archivo CSV de exportación. • https://github.com/LimeSurvey/LimeSurvey/commit/5870fd1037058bc4e43cccf893b576c72293371e#diff-d539f3f8185667ee48db78e1bf65a3b4R46 https://www.limesurvey.org/limesurvey-updates/2188-limesurvey-3-17-14-build-190902-released • CWE-1236: Improper Neutralization of Formula Elements in a CSV File •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-16185

https://notcve.org/view.php?id=CVE-2019-16185

In Limesurvey before 3.17.14, admin users can view, update, or delete reserved menu entries without proper permissions. En Limesurvey versiones anteriores a 3.17.14, usuarios administradores pueden visualizar, actualizar o eliminar entradas de menú reservadas sin permisos apropiados. • https://github.com/LimeSurvey/LimeSurvey/commit/5870fd1037058bc4e43cccf893b576c72293371e#diff-d539f3f8185667ee48db78e1bf65a3b4R51 https://www.limesurvey.org/limesurvey-updates/2188-limesurvey-3-17-14-build-190902-released • CWE-276: Incorrect Default Permissions •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-16186

https://notcve.org/view.php?id=CVE-2019-16186

In Limesurvey before 3.17.14, admin users can access the plugin manager without proper permissions. En Limesurvey versiones anteriores a 3.17.14, usuarios administradores pueden acceder al administrador de plugins sin permisos apropiados. • https://github.com/LimeSurvey/LimeSurvey/commit/5870fd1037058bc4e43cccf893b576c72293371e#diff-d539f3f8185667ee48db78e1bf65a3b4R49 https://www.limesurvey.org/limesurvey-updates/2188-limesurvey-3-17-14-build-190902-released • CWE-276: Incorrect Default Permissions •

1 2 3 4 5