CPE Details
LimeSurvey 6.2.9
6.2.9
2023-12-09
03h54 +00:00
03h54 +00:00
2023-12-09
03h54 +00:00
03h54 +00:00
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
CPE Name: cpe:2.3:a:limesurvey:limesurvey:6.2.9:*:*:*:*:*:*:*
Informations
Vendor
limesurveyProduct
limesurveyVersion
6.2.9Related CVE
| CVE ID | Publié | Description | Score | Gravité |
|---|---|---|---|---|
| Cross Site Scripting vulnerability in LimeSurvey before 6.5.12+240611 allows a remote attacker to execute arbitrary code via a crafted script to the title and comment fields. | 6.1 |
Moyen |
||
| Cross Site Scripting vulnerability in LimeSurvey before 6.5.0+240319 allows a remote attacker to execute arbitrary code via a lack of input validation and output encoding in the Alert Widget's message component. | 6.1 |
Moyen |
||
| A Host header injection vulnerability in the password reset function of LimeSurvey v.6.6.1+240806 and before allows attackers to send users a crafted password reset link that will direct victims to a malicious domain. | 6.5 |
Moyen |
||
| SQL injection vulnerability in Limesurvey (a.k.a PHPSurveyor) before 1.91+ Build 120224 and earlier allows remote attackers to execute arbitrary SQL commands via the fieldnames parameter to index.php. | 7.5 |
