• LimeSurvey - the most popular
    Free Open Source Software survey tool on the web.

  • Why use LimeSurvey and not some other commercial tool?

    Why use LimeSurvey and not some other commercial tool?

    • Free: Install where you want and as many times as you like - no costs.
    • Open Source: Inspect the source code, change it to do your bidding or create plugins to do so.
    • Free & Open Source: No costs, extend it!
    • Data safety: Sensitive response data stays in your hands - saved on your own servers.
    • Data safety: All data stays on your own server.
    • Limitless: Collect responses without limits, create an unlimited number of surveys
    • Limitless: No limits on surveys & responses
    • International: Available in 80 (yes, eighty!) languages
    • International: Supports >80 languages
    • Borderless: Export & import numerous formats used for surveys, responses and label sets
    • Borderless: Im-/export your data in various formats!

    Check out our extensive feature list...

  • What if I need support?

    What if I need support?

    We have it all in case you need it:

    • Literary: A detailed manual in various languages
    • Outsourcing: Try our own professional hosting service LimeService
    • Huge community: Community support by using our forums and IRC
    • Professional support: Any service needed is available by the licensed Official LimeSurvey Partners

    Look at our support options...

There has been a issue uncovered with the latest LimeSurvey versions.

Type of issue:
Security issue by that an attacker get access to your LimeSurvey administration and files and can possibly change these - this allows for remote execution and data disclosure.

Affected LimeSurvey versions:
- LimeSurvey 1.80RC4, 1.80, 1.80+, 1.81, 1.81+ (all Builds) (released around January-April 2009)

Exploits in the Wild:
This issue was discoverd during a security audit by Dan Schwister (thank you Dan!). Therefore there is no exploit in the wild (yet).

Advised solution:
Update as soon as possible to the latest LimeSurvey 1.82 or later version available from http://www.limesurvey.org

Quick fix:
Remove the /admin/remotecontrol/ directory to disable the security problem.


Log in to comment


Survey respondents needed? Book respondents from 40+ countries for your research survey at http://www.intsamp.com
NuSPhere PhpEd logo
The LimeSurvey project uses PhpEd from Nusphere - one great PHP development IDE for Windows.