Description
In LimeSurvey before 3.14.7, an admin user can leverage a "file upload" question to read an arbitrary file,
Remediation
References
Related Vulnerabilities
WordPress Plugin Image Photo Gallery Final Tiles Grid Cross-Site Scripting (3.4.18)
WordPress Plugin Image Optimizer, Resizer and CDN-Sirv SQL Injection (1.3.1)
e107 Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2011-4947)
Oracle HTTP Server Improper Input Validation Vulnerability (CVE-2020-29508)
WordPress Plugin YITH WooCommerce Questions and Answers Security Bypass (1.1.9)