CVE-2025-56421

High CVSS: 7.5

SQL Injection vulnerability in LimeSurvey before v.6.15.4+250710 allows a remote attacker to obtain sensitive information from the database.

Vendor

Product

CWE

Yayın Tarihi

2026-03-10 18:17:58

Güncelleme

2026-03-20 16:58:05

Source Identifier

cve@mitre.org

KEV Date Added

CWE-89 Limesurvey HIGH Limesurvey 2026

http://limesurvey.com https://github.com/hongancalif/security-advisories/blob/main/CVE-2025-56421.md

Critical

CVE-2025-56422

A deserialization vulnerability in LimeSurvey before v6.15.0+250623 allows a remote attacker to execute arbitrary code o…

Medium

CVE-2020-36993

LimeSurvey 4.3.10 contains a stored cross-site scripting vulnerability in the Survey Menu functionality of the administr…

Medium

CVE-2025-41074

Vulnerability in LimeSurvey 6.13.0 in the endpoint /optout that causes infinite HTTP redirects when accessed directly.…

Medium

CVE-2025-41075

Vulnerability in LimeSurvey 6.13.0 in the endpoint /optin that causes infinite HTTP redirects when accessed directly. Th…

Medium

CVE-2025-41076

In version 6.13.0 of LimeSurvey, any external user can cause a 500 error in the survey system by sending a malformed ses…

Critical

CVE-2025-41375

SQL Injection vulnerability in Limesurvey v2.65.1+170522. This vulnerability allows an attacker to retrieve, create, upd…