Description
SQL injection vulnerability in the insert function in application/controllers/admin/dataentry.php in LimeSurvey 2.06+ allows remote authenticated users to execute arbitrary SQL commands via the closedate parameter.
Remediation
References
Related Vulnerabilities
Moodle Other Vulnerability (CVE-2004-2235)
WordPress Plugin Complianz-GDPR/CCPA Cookie Consent SQL Injection (6.3.3)
WordPress Plugin WP Smiley Multiple Vulnerabilities (1.4.1)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-32472)
WordPress Plugin Remove WP Update Nags Security Bypass (1.3.0)