Skip to main content

Kenexa Lms

11 CVEs product

Monthly

CVE-2016-8935 MEDIUM PATCH This Month

IBM Kenexa LMS on Cloud 13.1, 13.2, 13.2.2, 13.2.3, 13.2.4 and 14.0.0 are vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Kenexa Lms
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2016-8933 MEDIUM PATCH This Month

IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal IBM Kenexa Lms
NVD
CVSS 3.0
6.5
EPSS
0.6%
CVE-2016-8932 HIGH PATCH This Week

IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE IBM Authentication Bypass Kenexa Lms
NVD
CVSS 3.0
8.8
EPSS
2.1%
CVE-2016-8931 HIGH PATCH This Week

IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE IBM Authentication Bypass Kenexa Lms
NVD
CVSS 3.0
8.8
EPSS
2.1%
CVE-2016-8930 HIGH PATCH This Week

IBM Kenexa LMS on Cloud is vulnerable to SQL injection. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

SQLi IBM Kenexa Lms
NVD
CVSS 3.0
7.6
EPSS
0.4%
CVE-2016-8929 MEDIUM PATCH This Month

IBM Kenexa LMS on Cloud is vulnerable to SQL injection. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

SQLi IBM Kenexa Lms
NVD
CVSS 3.0
5.4
EPSS
0.3%
CVE-2016-8928 HIGH PATCH This Week

IBM Kenexa LMS on Cloud is vulnerable to SQL injection. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

SQLi IBM Kenexa Lms
NVD
CVSS 3.0
7.6
EPSS
0.4%
CVE-2016-5942 MEDIUM PATCH This Month

IBM Kenexa LMS on Cloud is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Kenexa Lms
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-5941 MEDIUM PATCH This Month

IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal IBM Kenexa Lms
NVD
CVSS 3.0
5.7
EPSS
0.5%
CVE-2016-5940 MEDIUM PATCH This Month

IBM Kenexa LMS on Cloud is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Kenexa Lms
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-5938 LOW PATCH Monitor

IBM Kenexa LMS on Cloud allows web pages to be stored locally which can be read by another user on the system. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Kenexa Lms
NVD
CVSS 3.0
3.3
EPSS
0.1%
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

IBM Kenexa LMS on Cloud 13.1, 13.2, 13.2.2, 13.2.3, 13.2.4 and 14.0.0 are vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Kenexa Lms
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal IBM Kenexa Lms
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE IBM Authentication Bypass +1
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE IBM Authentication Bypass +1
NVD
EPSS 0% CVSS 7.6
HIGH PATCH This Week

IBM Kenexa LMS on Cloud is vulnerable to SQL injection. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

SQLi IBM Kenexa Lms
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

IBM Kenexa LMS on Cloud is vulnerable to SQL injection. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

SQLi IBM Kenexa Lms
NVD
EPSS 0% CVSS 7.6
HIGH PATCH This Week

IBM Kenexa LMS on Cloud is vulnerable to SQL injection. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

SQLi IBM Kenexa Lms
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

IBM Kenexa LMS on Cloud is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Kenexa Lms
NVD
EPSS 0% CVSS 5.7
MEDIUM PATCH This Month

IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal IBM Kenexa Lms
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

IBM Kenexa LMS on Cloud is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Kenexa Lms
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

IBM Kenexa LMS on Cloud allows web pages to be stored locally which can be read by another user on the system. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

IBM Information Disclosure Kenexa Lms
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy