Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

LimeSurvey Incorrect Default Permissions Vulnerability (CVE-2019-16183)

Description

In Limesurvey before 3.17.14, admin users can run an integrity check without proper permissions.

Remediation

References

Related Vulnerabilities

MediaWiki Missing Authorization Vulnerability (CVE-2021-30155)

phpMyFAQ Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2010-4558)

Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-30130)

WordPress Plugin Debug Bar Multiple Unspecified Vulnerabilities (0.8.4)

PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2014-3478)

Severity

Low

Classification

CVE-2019-16183 CWE-276 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

Tags

Missing Update Known Vulnerabilities