Description
SQL injection vulnerability in application/controllers/admin/questiongroups.php in LimeSurvey before 2.06+ Build 150618 allows remote authenticated administrators to execute arbitrary SQL commands via the sid parameter.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Ultimate Email Marketer Multiple Vulnerabilities (1.1.0)
WordPress Plugin Photo Gallery by Ays-Responsive Image Gallery SQL Injection (1.0.0)
WordPress Plugin Smart Slider 2 Multiple Cross-Site Scripting Vulnerabilities (2.3.11)
WordPress Plugin Admin PHP Eval Unspecified Vulnerability (1.0)