Description
SQL injection vulnerability in application/controllers/admin/questiongroups.php in LimeSurvey before 2.06+ Build 150618 allows remote authenticated administrators to execute arbitrary SQL commands via the sid parameter.
Remediation
References
Related Vulnerabilities
OpenSSL Inadequate Encryption Strength Vulnerability (CVE-2020-1968)
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2007-5594)
Plone CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-7060)
WordPress Plugin MapSVG Lite Arbitrary File Upload (4.0.5)
Django Resource Management Errors Vulnerability (CVE-2015-5143)