top of page
perceptive_background_267k.jpg

SQL Injection vulnerability in LimeSurvey before v.6.15.4+250710 allows a remote attacker to obtain sensitive information from the database.

Published:

9 March 2026 at 23:00:00

Alert date:

10 March 2026 at 20:02:32

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies, Database & Storage

A SQL Injection vulnerability has been identified in LimeSurvey versions before v.6.15.4+250710. The vulnerability allows remote attackers to obtain sensitive information from the database. This represents a significant security risk as it enables unauthorized access to potentially confidential survey data and user information. Organizations using affected versions of LimeSurvey should upgrade to the patched version immediately to prevent potential data exposure.

Technical details

Mitigation steps:

Affected products:

LimeSurvey

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2025-56421
http://limesurvey.com
https://github.com/hongancalif/security-advisories/blob/main/CVE-2025-56421.md

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page