Security for everyone

CVE-2020-11455 Scanner

Detects 'Path Traversal' vulnerability in LimeSurvey affects v. before 4.1.12+200324.

SCAN NOW

Short Info


Level

Medium

Type

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Url

Parent Category

CVE-2020-11455 Scanner Detail

LimeSurvey is an open-source survey application software that allows users to create and administer surveys. It is used for market research, educational research, customer satisfaction surveys, and other types of studies. The software offers various features such as branching and skip logic, question randomization, and detailed analysis of survey results. The platform is known for its ease of use and flexible architecture.

The CVE-2020-11455 vulnerability detected in LimeSurvey before 4.1.12+200324 is a path traversal vulnerability in application/controllers/admin/LimeSurveyFileManager.php. This vulnerability allows an attacker to access files outside the web root directory by manipulating the file path. An attacker can upload a malicious file and execute arbitrary code on the server, leading to the leakage of sensitive data or system compromise.

When exploited, this vulnerability can lead to a range of consequences, including data theft, system damage, and unauthorized access. Attackers can exploit this vulnerability to upload malicious files or to gain access to sensitive data. They can also execute arbitrary code, leading to system compromise. This vulnerability is particularly dangerous as it allows an attacker to access files outside the web root directory, which opens up even more possibilities for exploitation.

Thanks to the pro features of the securityforeveryone.com platform, those who read this article can easily and quickly learn about vulnerabilities in their digital assets. The platform provides real-time monitoring and alerts for emerging threats, vulnerability scanning, and risk assessment. As cyber threats continue to evolve, it is essential to have proactive measures in place to protect digital assets from exploitation.

 

REFERENCES

cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture