LimeSurvey Unrestricted Upload of File with Dangerous Type Vulnerability - CVE-2022-48008 - Vulnerability Database

LimeSurvey Unrestricted Upload of File with Dangerous Type Vulnerability - CVE-2022-48008

Critical

Reference: CVE-2022-48008

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2022-48008

Title: LimeSurvey Unrestricted Upload of File with Dangerous Type Vulnerability

Overview:

An arbitrary file upload vulnerability in the plugin manager of LimeSurvey v5.4.15 allows attackers to execute arbitrary code via a crafted PHP file.