WEB APPLICATION VULNERABILITIES Standard & Premium

LimeSurvey Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-11455)

Description

LimeSurvey before 4.1.12+200324 contains a path traversal vulnerability in application/controllers/admin/LimeSurveyFileManager.php.

Remediation

References

Related Vulnerabilities

WordPress 4.5.x Cross-Domain Flash Injection Vulnerability (4.5 - 4.5.12)

WordPress Plugin Image Export Arbitrary File Download (1.1.0)

WordPress Plugin Protected Posts Logout Button Cross-Site Request Forgery (1.4.4)

Perl Improper Certificate Validation Vulnerability (CVE-2023-31484)

WordPress Plugin Quiz and Survey Master (QSM)-Easy Quiz and Survey Maker SQL Injection (7.3.4)

Severity

Medium

Classification

CVE-2020-11455 CWE-22 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities