Latest forum posts

More Topics »

LimeSurvey Security Advisory 2009/04/29

There has been a issue uncovered with the latest LimeSurvey versions.

Type of issue:
Security issue by that an attacker get access to your LimeSurvey administration and files and can possibly change these - this allows for remote execution and data disclosure.

Affected LimeSurvey versions:
- LimeSurvey 1.80RC4, 1.80, 1.80+, 1.81, 1.81+ (all Builds) (released around January-April 2009)

Exploits in the Wild:
This issue was discoverd during a security audit by Dan Schwister (thank you Dan!). Therefore there is no exploit in the wild (yet).

Advised solution:
Update as soon as possible to the latest LimeSurvey 1.82 or later version available from

Quick fix:
Remove the /admin/remotecontrol/ directory to disable the security problem.



Survey respondents needed? Book respondents from 40+ countries for your research survey.

demetra Demetra
- the gold standard CATI, CAWI and CAMI surveys

LimeSurvey cooperates with Statista – the Portal for Statistics and Surveys regarding the development of new modules

NuSPhere PhpEd logo
NuSphere supports the LimeSurvey project!

Get notified...

... on new releases. Subscribe to our RSS feed for LimeSurvey updates/releases:

rss RSS feed for LimeSurvey releases


Donation Image