CVE-2019-9960
CRITICAL
LimeSurvey Zip Path Traversals
Title source: metasploit
Description
The downloadZip function in application/controllers/admin/export.php in LimeSurvey through 3.16.1+190225 allows a relative path.
Exploits (1)
metasploit
WORKING POC
by h00die, Matthew Aberegg, Michael Burkey, Federico Fernandez, Alejandro Parodi · ruby · poc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/limesurvey_zip_traversals.rb
Scores
CVSS v3
9.8
EPSS
0.7008
EPSS Percentile
98.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Classification
CWE
CWE-22
Status
published
Affected Products (1)
limesurvey/limesurvey
< 3.16.1+190225
Timeline
Published
Mar 24, 2019
Tracked Since
Feb 18, 2026