CVE-2015-4628

Published: Jun 18, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

SQL injection vulnerability in application/controllers/admin/questiongroups.php in LimeSurvey before 2.06+ Build 150618 allows remote authenticated administrators to execute arbitrary SQL commands via the sid parameter.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/LimeSurvey/LimeSurvey/commit/e15861a65b7028adfc23ef6af8563f645e318548

x_refsource_CONFIRM

75301

vdb-entry

x_refsource_BID

https://github.com/LimeSurvey/LimeSurvey/pull/331

x_refsource_CONFIRM

https://bugs.limesurvey.org/view.php?id=9694

x_refsource_CONFIRM

https://github.com/LimeSurvey/LimeSurvey/commit/b09edc0dbd18d8459ade4c7c941e562c16564f9e

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2015-4628

Description

Affected Products

References