WEB APPLICATION VULNERABILITIES Standard & Premium

LimeSurvey Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-11455)

Description

LimeSurvey before 4.1.12+200324 contains a path traversal vulnerability in application/controllers/admin/LimeSurveyFileManager.php.

Remediation

References

Related Vulnerabilities

WordPress Plugin PDF & Print Button Joliprint Multiple Cross-Site Scripting Vulnerabilities (1.3.0)

WordPress Plugin Duplicate Post Multiple Vulnerabilities (2.5)

WordPress Plugin Fancy Product Designer-WooCommerce Arbitrary File Upload (4.5.1)

WordPress Other Vulnerability (CVE-2007-0262)

WordPress Plugin Maps Widget for Google Maps-Google Maps Builder Open Redirect (4.0)

Severity

Medium

Classification

CVE-2020-11455 CWE-22 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities