CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-9960 – LimeSurvey Zip Path Traversals
https://notcve.org/view.php?id=CVE-2019-9960
The downloadZip function in application/controllers/admin/export.php in LimeSurvey through 3.16.1+190225 allows a relative path. La función downloadZip en application/controllers/admin/export.php en LimeSurvey, hasta la versión 3.16.1+190225, permite una ruta relativa. • https://github.com/LimeSurvey/LimeSurvey/commit/1ed10d3c423187712b8f6a8cb2bc9d5cc3b2deb8 https://github.com/LimeSurvey/LimeSurvey/commit/daf50ebb16574badfb7ae0b8526ddc5871378f1b https://www.secsignal.org/en/news/cve-2019-9960-arbitrary-file-download-in-limesurvey • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-20322
https://notcve.org/view.php?id=CVE-2018-20322
LimeSurvey version 3.15.5 contains a Cross-site scripting (XSS) vulnerability in Survey Resource zip upload, resulting in Javascript code execution against LimeSurvey administrators. Fixed in version 3.15.6. LimeSurvey, en su versión 3.15.5, contiene una vulnerabilidad de Cross Site Scripting (XSS) en la subida del zip "Survey Resource" que puede resultar en la ejecución de código JavaScript contra los administradores de LimeSurvey. Esto se solucionó en la versión 3.15.6. • https://bugs.limesurvey.org/view.php?id=14376 https://github.com/LimeSurvey/LimeSurvey/commit/bfee69edaa0b90f97dc2d8fab09a87958cb32405 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-17003 – LimeSurvey 3.14.7 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2018-17003
In LimeSurvey 3.14.7, HTML Injection and Stored XSS have been discovered in the appendix via the surveyls_title parameter to /index.php?r=admin/survey/sa/insert. En LimeSurvey 3.14.7, se han descubierto una inyección HTML y Cross-Site Scripting (XSS) persistente en el apéndice mediante el parámetro surveyls_title en /index.php?r=admin/survey/sa/insert. LimeSurvey version 3.14.7 suffers from cross site scripting and html injection vulnerabilities. • http://packetstormsecurity.com/files/149435/LimeSurvey-3.14.7-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 26%CPEs: 2EXPL: 2CVE-2018-17057 – LimeSurvey < 3.16 - Remote Code Execution
https://notcve.org/view.php?id=CVE-2018-17057
An issue was discovered in TCPDF before 6.2.22. Attackers can trigger deserialization of arbitrary data via the phar:// wrapper. Se ha descubierto un problema en TCPDF en versiones anteriores a la 6.2.22. Los atacantes pueden desencadenar la deserialización de datos arbitrarios mediante el wrapper phar: . TCPDF versions 6.2.19 and below suffer from a deserialization vulnerability that can allow for remote code execution. • https://www.exploit-db.com/exploits/46634 http://packetstormsecurity.com/files/152200/TCPDF-6.2.19-Deserialization-Remote-Code-Execution.html http://packetstormsecurity.com/files/152360/LimeSurvey-Deserialization-Remote-Code-Execution.html http://seclists.org/fulldisclosure/2019/Mar/36 https://contao.org/en/news/security-vulnerability-cve-2018-17057.html https://github.com/LimeSurvey/LimeSurvey/commit/1cdd78d27697b3150bb44aaa7af1a81062a591a5 https://github.com/tecnickcom/TCPDF/commit/1861e33fe05f653b67d070f7c106463e7a5c26ed • CWE-502: Deserialization of Untrusted Data •