Description
PHP remote file inclusion vulnerability in classes/core/language.php in LimeSurvey 1.5.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootdir parameter.
Remediation
References
Related Vulnerabilities
MySQL CVE-2022-21317 Vulnerability (CVE-2022-21317)
WordPress Plugin Build App Online SQL Injection (1.0.18)
WordPress Plugin Live Product Editor for WooCommerce Security Bypass (4.6.2)
WordPress Plugin WordPress File Upload Arbitrary File Upload (3.8.5)
WordPress Plugin Store Locator for WordPress with Google Maps-LotsOfLocales SQL Injection (3.33.1)