Description

LimeSurvey v5.4.4 was discovered to contain a SQL injection vulnerability via the component /application/views/themeOptions/update.php.

Remediation

References

CVE-2022-43279

Related Vulnerabilities

MySQL CVE-2014-2451 Vulnerability (CVE-2014-2451)

ownCloud Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2014-2051)

MediaWiki CVE-2023-45372 Vulnerability (CVE-2023-45372)

Ruby on Rails Improper Input Validation Vulnerability (CVE-2013-0156)

MongoDb Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-4650)

Severity

High

Classification

CVE-2022-43279 CWE-138 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities