CVE-2009-1604

Severity

75%

Complexity

99%

Confidentiality

106%

Unspecified vulnerability in LimeSurvey before 1.82 allows remote attackers to execute commands and obtain sensitive data via unknown attack vectors related to /admin/remotecontrol/.

Unspecified vulnerability in LimeSurvey before 1.82 allows remote attackers to execute commands and obtain sensitive data via unknown attack vectors related to /admin/remotecontrol/.

CVSS 2.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P).

Overview

Type

LimeSurvey LimeSurvey

First reported 15 years ago

2009-05-11 20:00:00

Last updated 15 years ago

2009-05-23 05:31:00

Affected Software

LimeSurvey LimeSurvey 1.80+

1.80\+

LimeSurvey LimeSurvey 1.81+

1.81\+

References

34946

Vendor Advisory

http://www.limesurvey.org/content/view/169/1/lang,en/

Patch, Vendor Advisory

34785

ADV-2009-1219

Patch, Vendor Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.