Description
Limesurvey before 3.17.10 does not validate both the MIME type and file extension of an image.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Download Manager Remote Code Execution (2.7.4)
WordPress Plugin ZeenShare Cross-Site Scripting (1.0.1)
WordPress Plugin WordPress for Google Maps-WP MAPS SQL Injection (4.0.4)
MyBB CVE-2006-0218 Vulnerability (CVE-2006-0218)
WordPress Plugin Smart Slider 3 PRO Cross-Site Scripting (3.5.0.8)