Description
In LimeSurvey before 3.14.7, an admin user can leverage a "file upload" question to read an arbitrary file,
Remediation
References
Related Vulnerabilities
Drupal Other Vulnerability (CVE-2006-2260)
WordPress Plugin OptionTree PHP Object Injection (2.6.0)
Microsoft SQL Server CVE-2023-21528 Vulnerability (CVE-2023-21528)
MySQL CVE-2017-10296 Vulnerability (CVE-2017-10296)
phpBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2019-16108)