Description

A path disclosure vulnerability was found in Limesurvey before 3.17.14 that allows a remote attacker to discover the path to the application in the filesystem.

Remediation

References

CVE-2019-16176

Related Vulnerabilities

Chamilo Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-35415)

WordPress Plugin Contact Form by WPForms-Drag & Drop Form Builder for WordPress Directory Traversal (1.7.5.3)

Dot CMS Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2016-8904)

phpList Incorrect Comparison Vulnerability (CVE-2020-23361)

WordPress Plugin Google Pagespeed Insights Cross-Site Scripting (3.0.0)

Severity

Medium

Classification

CVE-2019-16176 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities