CVE-2018-7556

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2018-7556

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-7556.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-7556

Published

2018-02-28T07:29:00.400Z

Modified

2026-04-10T04:11:18.822366Z

Severity

9.1 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVSS Calculator

Summary

[none]

Details

LimeSurvey 2.6.x before 2.6.7, 2.7x.x before 2.73.1, and 3.x before 3.4.2 mishandles application/controller/InstallerController.php after installation, which allows remote attackers to access the configuration file.

References

https://www.limesurvey.org/about-us/news/2075-limesurvey-security-advisory-02-2018

Affected packages

Git / github.com/limesurvey/limesurvey

Affected ranges

Type

GIT

Repo

https://github.com/limesurvey/limesurvey

Events

Introduced

Fixed

1eadf64bb25476800359fc4ebf94cb12ebc3a7d0

Introduced

2ef1525baed6eb977b5aa50ed02b26bb072a483c

Fixed

ef4aeb06c5f88c6153bedd051a133707e59e4820

Database specific

{
    "versions": [
        {
            "introduced": "2.7.0"
        },
        {
            "fixed": "2.73.1"
        },
        {
            "introduced": "3.0.0"
        },
        {
            "fixed": "3.4.2"
        }
    ]
}

Affected versions

1.*

1.45a

1.45a_2007-02-24

1.50_2007-08-06

1.70_2008-02-25

1.70_plus_2008-03-09

1.70_plus_2008-03-16

1.70_plus_2008-03-17

1.70_plus_2008-03-30

1.70_plus_2008-04-07

1.70_plus_2008-04-14

1.70_plus_2008-04-21

1.70_plus_2008-04-28

1.70_plus_2008-05-05

1.70_plus_2008-05-12

1.70_plus_2008-05-19

1.70_plus_2008-05-21

1.70_plus_2008-05-26

1.71_plus_2008-06-12

1.71_plus_2008-06-17

1.71_plus_2008-06-30

1.71_plus_2008-07-07

1.71_plus_2008-07-15

1.71_plus_2008-07-30

1.71_plus_2008-08-05

1.71_plus_2008-08-15

1.71_plus_2008-08-27

1.71_plus_2008-09-01

1.71_plus_2008-09-08

1.71_plus_2008-09-15

1.71_plus_2008-09-22

1.71_plus_2008-09-29

1.72_2008-10-07

1.80_2009-03-09

1.80_plus_2009-03-23

1.80_plus_2009-03-30

1.80_plus_2009-04-06

1.81_2009-04-10

1.81_plus_2009-04-16

1.81_plus_2009-04-20

1.82_2009-04-29

1.82_plus_2009-05-04

1.82_plus_2009-05-11

1.85_2009-06-15

1.85_plus_2009-06-22

1.85_plus_2009-06-29

1.85_plus_2009-07-08

1.85_plus_2009-07-20

1.85_plus_2009-08-03

1.85_plus_2009-08-10

1.85_plus_2009-08-12

1.85_plus_2009-08-19

1.85_plus_2009-08-24

1.85_plus_2009-08-31

1.85_plus_2009-09-07

1.85_plus_2009-09-15

1.85_plus_2009-09-21

1.85_plus_2009-09-28

1.86_2009-09-30

1.87_2009-12-29

1.87_plus_2010-01-05

1.87_plus_2010-01-12

1.87_plus_2010-01-19

1.87_plus_2010-01-26

1.87_plus_2010-02-02

1.87_plus_2010-02-09

1.87_plus_2010-02-11

1.87_plus_2010-02-16

1.87_plus_2010-02-23

1.87_plus_2010-03-02

1.87_plus_2010-03-09

1.87_plus_2010-03-18

1.87_plus_2010-03-23

1.90_plus_2010-08-10

1.90_plus_2010-08-17

1.90_plus_2010-08-24

1.90_plus_2010-09-07

1.90_plus_2010-09-14

1.90_plus_2010-09-29

1.90_plus_2010-10-05

1.90_plus_2010-10-12

1.90_plus_2010-10-13

1.90_plus_2010-10-19

1.90_plus_2010-10-20

1.90_plus_2010-10-23

1.90_plus_2010-10-26

1.90_plus_2010-11-03

1.90_plus_2010-11-09

1.90_plus_2010-11-16

1.90_plus_2010-11-23

1.90_plus_2010-11-30

1.90_plus_2010-12-07

1.90_plus_2010-12-14

1.90_plus_2011-01-25

1.91RC3

1.91_2011-05-03

1.91_plus_10232

1.91_plus_10315

1.91_plus_2011-05-10

1.91_plus_2011-05-12

1.91_plus_2011-05-17

1.91_plus_2011-05-25

1.91_plus_2011-06-01

1.91_plus_2011-06-05

1.91_plus_2011-06-08

1.91_plus_2011-06-15

1.91_plus_2011-06-21

1.91_plus_2011-06-29

1.91_plus_2011-07-08

1.91_plus_2011-07-11

1.91_plus_2011-07-12

1.91_plus_2011-07-22

1.91_plus_2011-07-28

1.91_plus_2011-08-03

1.91_plus_2011-08-05

1.91_plus_2011-08-10

1.91_plus_2011-08-11

1.91_plus_2011-08-16

1.91_plus_2011-08-26

1.91_plus_2011-09-06

1.91_plus_2011-09-20

1.91_plus_2011-09-21

1.91_plus_2011-10-05

1.91_plus_2011-10-14

1.91_plus_2011-10-20

1.91_plus_2011-10-21

1.91_plus_2011-11-08

1.91_plus_2011-11-16

1.91_plus_2011-12-30

1.91_plus_2012-01-23

1.92_plus_120319

1.92_plus_120323

1.92_plus_120330

1.92_plus_120405

1.92_plus_120501

1.92_plus_120509

1.92_plus_120516

1.92_plus_120517

1.92_plus_120607

1.92_plus_120608

1.92_plus_120613

1.92_plus_120620

1.92_plus_120718

1.92_plus_120725

1.92_plus_120815

1.92_plus_120822

1.92_plus_120909

1.92_plus_120919

2.*

2.00_120920

2.00_120926

2.00_plus_120924

2.00_plus_120926

2.00_plus_120930

2.00_plus_120931

2.00_plus_121005

2.00_plus_121006

2.00_plus_121009

2.00_plus_121011

2.00_plus_121013

2.00_plus_121014

2.00_plus_121016

2.00_plus_121017

2.00_plus_121019

2.00_plus_121024

2.00_plus_121025

2.00_plus_121101

2.00_plus_121102

2.00_plus_121104

2.00_plus_121106

2.00_plus_121113

2.00_plus_121115

2.00_plus_121116

2.00_plus_121117

2.00_plus_121120

2.00_plus_121121

2.00_plus_121127

2.00_plus_121207

2.00_plus_121208

2.00_plus_121209

2.00_plus_121211

2.00_plus_121213

2.00_plus_121220

2.00_plus_121231

2.00_plus_130103

2.00_plus_130108

2.00_plus_130110

2.00_plus_130115

2.00_plus_130116

2.00_plus_130122

2.00_plus_130206

2.00_plus_130213

2.00_plus_130219

2.00_plus_130226

2.00_plus_130305

2.00_plus_130311

2.00_plus_130317

2.00_plus_130325

2.00_plus_130406

2.00_plus_130423

2.00_plus_130428

2.00_plus_130513

2.00_plus_130514

2.00_plus_130611

2.00_plus_130708

2.00_plus_130802

2.00_plus_130913

2.00_plus_130923

2.00_plus_130929

2.00_plus_131009

2.00_plus_131022

2.00_plus_131031

2.00_plus_131107

2.00_plus_131122

2.00_plus_131202

2.00_plus_131206

2.05_131209

2.05_plus_131219

2.05_plus_140109

2.05_plus_140116

2.05_plus_140125

2.05_plus_140131

2.05_plus_140204

2.05_plus_140212

2.05_plus_140216

2.05_plus_140217

2.05_plus_140226

2.05_plus_140317

2.05_plus_140320

2.05_plus_140404

2.05_plus_140414

2.05_plus_140422

2.05_plus_140502

2.05_plus_140520

2.05_plus_140611

2.05_plus_140612

2.05_plus_140618

2.05_plus_140703

2.05_plus_140717

2.05_plus_140730

2.05_plus_140811

2.05_plus_140902

2.05_plus_140911

2.05_plus_140915

2.05_plus_141003

2.05_plus_141020

2.05_plus_141109

2.05_plus_141110

2.05_plus_141113

2.05_plus_141123

2.05_plus_141126

2.05_plus_141210

2.05_plus_141229

2.05_plus_150310

2.05_plus_150413

2.05_plus_150508

2.05_plus_150520

2.06_plus_150619

2.06_plus_150629

2.06_plus_150723

2.06_plus_150731

2.06_plus_150812

2.06_plus_150825

2.06_plus_150911

2.06_plus_150930

2.06_plus_151014

2.06_plus_151016

2.06_plus_151018

2.06_plus_151109

2.06_plus_151126

2.06_plus_151205

2.06_plus_151215

2.06_plus_160121

2.06_plus_160123

2.06_plus_160129

2.50_plus_160202

2.50_plus_160204

2.50_plus_160210

2.50_plus_160212

2.50_plus_160213

2.50_plus_160215

2.50_plus_160216

2.50_plus_160217

2.50_plus_160218

2.50_plus_160222

2.50_plus_160310

2.50_plus_160311

2.50_plus_160314

2.50_plus_160323

2.50_plus_160330

2.50_plus_160404

2.50_plus_160407

2.50_plus_160412

2.50_plus_160413

2.50_plus_160414

2.50_plus_160415

2.50_plus_160418

2.50_plus_160421

2.50_plus_160426

2.50_plus_160428

2.50_plus_160506

2.50_plus_160512

2.50_plus_160516

2.50_plus_160517

2.50_plus_160523

2.50_plus_160525

2.50_plus_160526

2.50_plus_160529

2.50_plus_160602

2.50_plus_160603

2.50_plus_160606

2.50_plus_160613

2.50_plus_160616

2.50_plus_160620

2.50_plus_160714

2.50_plus_160715

2.50_plus_160718

2.50_plus_160726

2.50_plus_160727

2.50_plus_160728

2.50_plus_160731

2.51.1_160901

2.51.2_160906

2.51.3_160907

2.51.4+160908

2.51.4_160908

2.52+160929

2.54+161007

2.54.1+161010

2.54.2+161012

2.54.3+161014

2.54.4+161018

2.55+161021

2.55.1+161026

2.55.2+161103

2.55.3+161111

2.56+161117

2.56.1+161118

2.57.0+161202

2.57.1+161205

2.58.0+170104

2.58.1+170113

2.58.2+170114

2.59.0+170115

2.59.1+170116

2.62.0+170124

2.62.1+170130

2.62.2+170203

2.63.1+170305

2.64.0+170307

2.64.1+170310

2.64.2+170324

2.64.3+170327

2.64.4+170330

2.64.5+170331

2.64.6+170332

2.64.7+170404

2.65.0+170502

2.65.0+170522

2.65.1+170522

2.65.2+170606

2.65.4+170612

2.66.6+170619

2.67.0+170622

2.67.1+170626

2.67.2+170719

2.67.2+170728

2.67.3+170728

2.71.0+170925

2.71.1+170927

2.72.0+171010

2.72.2+171017

2.72.3+171020

2.72.4+171110

2.72.5+171121

2.72.6+171207

2.73.0+171219

2.91_plus_10315

3.*

3.0.0+171222

3.0.2+180110

3.0.3+180112

3.0.4+180116

3.0.5+180118

3.1.0

3.1.1+180130

3.2.0+180206

3.2.1+180207

3.3.0+180209

3.3.1

3.4.0+180219

3.4.1+180221

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "2.6.0"
            },
            {
                "fixed": "2.6.7"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "7.0"
            }
        ]
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-7556.json"