LimeSurvey security advisory 9/4/2009

There has been a issue uncovered with an older LimeSurvey version, namely Version 1.71+.

Type of issue:
A version of FCKeditor (namely 2.6.2) which was used at the time inside the LimeSurvey software appears to have a security issue by that an attacker get access to your files and change these.

Affected LimeSurvey versions:
- LimeSurvey 1.71+ in the range of Build 5245 to 5496  (released around March-April 2008)

Exploits in the Wild:
Unspecified exploit does exist - please refer to this forum topic for further details

Advised solution:
Update to the latest LimeSurvey 1.80+ or later version available from

Check other PHP files on the same webspace for infections of the same kind.

Copyright © 2006- LimeSurvey GmbH