LimeSurvey security advisory 9/4/2009

There has been a issue uncovered with an older LimeSurvey version, namely Version 1.71+.

Type of issue:
A version of FCKeditor (namely 2.6.2) which was used at the time inside the LimeSurvey software appears to have a security issue by that an attacker get access to your files and change these.

Affected LimeSurvey versions:
- LimeSurvey 1.71+ in the range of Build 5245 to 5496  (released around March-April 2008)

Exploits in the Wild:
Unspecified exploit does exist - please refer to this forum topic for further details

Advised solution:
Update to the latest LimeSurvey 1.80+ or later version available from http://www.limesurvey.org

Recommendations:
Check other PHP files on the same webspace for infections of the same kind.

Did you already participate in our customer survey?

Don't miss your chance for great prices.

Please click here to participate:

Start now