Description
SQL injection vulnerability in Limesurvey (a.k.a PHPSurveyor) before 1.91+ Build 120224 and earlier allows remote attackers to execute arbitrary SQL commands via the fieldnames parameter to index.php.
Remediation
References
Related Vulnerabilities
OpenSSL Cryptographic Issues Vulnerability (CVE-2015-0204)
ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-9048)
phpMyAdmin Improper Input Validation Vulnerability (CVE-2017-1000018)
Apache HTTP Server Out-of-bounds Read Vulnerability (CVE-2007-3847)
WordPress Plugin User Login History Multiple Cross-Site Scripting Vulnerabilities (1.5.2)