Y1LD1R1M - Security Researcher - Exploit Intelligence Platform

CVE-2021-44967 NOMISEC HIGH WORKING POC

LimeSurvey 5.2.4 - Authenticated Remote Code Execution via Plugin Upload

A Remote Code Execution (RCE) vulnerabilty exists in LimeSurvey 5.2.4 via the upload and install plugins function, which could let a remote malicious user upload an arbitrary PHP code file. NOTE: the Supplier's position is that plugins intentionally can contain arbitrary PHP code, and can only be installed by a superadmin, and therefore the security model is not violated by this finding.

6 stars

CVSS 8.8

View Code

CVE-2021-44967 NOMISEC HIGH WORKING POC

LimeSurvey 5.2.4 - Authenticated Remote Code Execution via Plugin Upload

A Remote Code Execution (RCE) vulnerabilty exists in LimeSurvey 5.2.4 via the upload and install plugins function, which could let a remote malicious user upload an arbitrary PHP code file. NOTE: the Supplier's position is that plugins intentionally can contain arbitrary PHP code, and can only be installed by a superadmin, and therefore the security model is not violated by this finding.

CVSS 8.8

View Code

CVE-2021-44967 WRITEUP HIGH WORKING POC

LimeSurvey 5.2.4 - Authenticated Remote Code Execution via Plugin Upload

A Remote Code Execution (RCE) vulnerabilty exists in LimeSurvey 5.2.4 via the upload and install plugins function, which could let a remote malicious user upload an arbitrary PHP code file. NOTE: the Supplier's position is that plugins intentionally can contain arbitrary PHP code, and can only be installed by a superadmin, and therefore the security model is not violated by this finding.

CVSS 8.8

View Code

CVE-2021-44967 EXPLOITDB HIGH python WORKING POC

LimeSurvey 5.2.4 - Authenticated Remote Code Execution via Plugin Upload

A Remote Code Execution (RCE) vulnerabilty exists in LimeSurvey 5.2.4 via the upload and install plugins function, which could let a remote malicious user upload an arbitrary PHP code file. NOTE: the Supplier's position is that plugins intentionally can contain arbitrary PHP code, and can only be installed by a superadmin, and therefore the security model is not violated by this finding.

CVSS 8.8

View Code

EIP-2026-111516 EXPLOITDB text WORKING POC

Processwire CMS 2.4.0 - 'download' Local File Inclusion

View Code