Latest forum posts

More Topics »

LimeSurvey Security Advisory 2009/04/29

There has been a issue uncovered with the latest LimeSurvey versions.

Type of issue:
Security issue by that an attacker get access to your LimeSurvey administration and files and can possibly change these - this allows for remote execution and data disclosure.

Affected LimeSurvey versions:
- LimeSurvey 1.80RC4, 1.80, 1.80+, 1.81, 1.81+ (all Builds) (released around January-April 2009)

Exploits in the Wild:
This issue was discoverd during a security audit by Dan Schwister (thank you Dan!). Therefore there is no exploit in the wild (yet).

Advised solution:
Update as soon as possible to the latest LimeSurvey 1.82 or later version available from

Quick fix:
Remove the /admin/remotecontrol/ directory to disable the security problem.



Survey respondents needed? Book respondents from 40+ countries for your research survey.

NuSPhere PhpEd logo
NuSphere supports the LimeSurvey project!

Get notified...

... on new releases. Subscribe to our RSS feed for LimeSurvey updates/releases:

rss RSS feed for LimeSurvey releases


Who is online?

Donation Image