Critical severity9.1OSV Advisory· Published Feb 28, 2018· Updated Jun 17, 2026
CVE-2018-7556
CVE-2018-7556
Description
LimeSurvey 2.6.x before 2.6.7, 2.7x.x before 2.73.1, and 3.x before 3.4.2 mishandles application/controller/InstallerController.php after installation, which allows remote attackers to access the configuration file.
Affected products
21.45a, 1.45a_2007-02-24, 1.50_2007-08-06, …+ 1 more
- (no CPE)range: 1.45a, 1.45a_2007-02-24, 1.50_2007-08-06, …
- (no CPE)range: <2.6.7, <2.73.1, <3.4.2
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.