Back to Advisories
🔔 CVE Advisory

CVE-2018-7556

Limesurvey

LimeSurvey 2.6.x before 2.6.7, 2.7x.x before 2.73.1, and 3.x before 3.4.2 mishandles application/controller/InstallerController.php after installation, which allows remote attackers to access the configuration file.

Year 2018
Published September 29, 2018

Advisory Information

Affected Product Limesurvey
Title CVE-2018-7556
Description

LimeSurvey 2.6.x before 2.6.7, 2.7x.x before 2.73.1, and 3.x before 3.4.2 mishandles application/controller/InstallerController.php after installation, which allows remote attackers to access the configuration file.

Year 2018
Published Date September 29, 2018
View Full CVE Advisory

Affected Vendors

L
LimeSurvey

Research Team

NV
Nguyen Van Tien Thanh (yeuchimse)