Filtered by vendor Ibm
Subscriptions
Filtered by product Kenexa Lms
Subscriptions
Total
11 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-8935 | 1 Ibm | 1 Kenexa Lms | 2017-04-04 | N/A |
| IBM Kenexa LMS on Cloud 13.1, 13.2, 13.2.2, 13.2.3, 13.2.4 and 14.0.0 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM Reference #: 1999483. | ||||
| CVE-2016-8928 | 1 Ibm | 1 Kenexa Lms | 2017-02-07 | N/A |
| IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. | ||||
| CVE-2016-8929 | 1 Ibm | 1 Kenexa Lms | 2017-02-07 | N/A |
| IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. | ||||
| CVE-2016-8933 | 1 Ibm | 1 Kenexa Lms | 2017-02-07 | N/A |
| IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing dot dot sequences (/../) to view arbitrary files on the system. | ||||
| CVE-2016-8931 | 1 Ibm | 1 Kenexa Lms | 2017-02-07 | N/A |
| IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server. | ||||
| CVE-2016-8930 | 1 Ibm | 1 Kenexa Lms | 2017-02-07 | N/A |
| IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. | ||||
| CVE-2016-8932 | 1 Ibm | 1 Kenexa Lms | 2017-02-07 | N/A |
| IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server. | ||||
| CVE-2016-5941 | 1 Ibm | 1 Kenexa Lms | 2017-02-05 | N/A |
| IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing dot dot sequences (/../) to view arbitrary files on the system. | ||||
| CVE-2016-5938 | 1 Ibm | 1 Kenexa Lms | 2017-02-05 | N/A |
| IBM Kenexa LMS on Cloud allows web pages to be stored locally which can be read by another user on the system. | ||||
| CVE-2016-5942 | 1 Ibm | 1 Kenexa Lms | 2017-02-05 | N/A |
| IBM Kenexa LMS on Cloud is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
| CVE-2016-5940 | 1 Ibm | 1 Kenexa Lms | 2017-02-05 | N/A |
| IBM Kenexa LMS on Cloud is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | ||||
Page 1 of 1.