📦 LimeSurvey
by LimeSurvey
⚠️ Known Vulnerabilities
A SQL injection vulnerability in LimeSurvey v2.65.1+170522 allows attackers to manipulate database queries via the 'token' parameter in the '/index.php' endpoint. This enables unauthorized database ac...
This SQL injection vulnerability in LimeSurvey's participant model allows attackers to execute arbitrary SQL commands on the database. It affects all LimeSurvey installations before version 4.0.0-RC4,...
This vulnerability in LimeSurvey's /optout endpoint causes infinite HTTP redirects when accessed directly, creating a denial-of-service condition. Attackers can exploit this to exhaust server resource...
This vulnerability in LimeSurvey 6.13.0 creates an infinite redirect loop when accessing the /optin endpoint directly. Attackers can exploit this to cause denial of service by exhausting server or cli...
This vulnerability allows attackers to execute arbitrary code on LimeSurvey servers by injecting malicious payloads into the lng parameter of the js_localize.php function. It affects LimeSurvey instal...
This vulnerability allows external users to trigger a 500 error in LimeSurvey by sending malformed session cookies, which exposes sensitive internal system information instead of showing a generic err...
A Cross-Site Scripting (XSS) vulnerability in LimeSurvey allows attackers to inject malicious scripts into title and comment fields. When executed, these scripts can steal session cookies, redirect us...
This CVE describes a SQL injection vulnerability in LimeSurvey's survey general settings handler. Attackers can remotely exploit this flaw by manipulating language parameters to execute arbitrary SQL ...