Skip to main content

Kenexa Lms On Cloud

10 CVEs product

Monthly

CVE-2016-8920 MEDIUM This Month

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Kenexa Lms On Cloud
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-8913 MEDIUM This Month

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to traverse directories on the system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal IBM Kenexa Lms On Cloud
NVD
CVSS 3.0
6.5
EPSS
0.6%
CVE-2016-8912 MEDIUM This Month

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 stores potentially sensitive information in in log files that could be read by an authenticated user. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Kenexa Lms On Cloud
NVD
CVSS 3.0
4.3
EPSS
0.2%
CVE-2016-8911 MEDIUM This Month

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to hijack the clicking action of the victim. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Kenexa Lms On Cloud
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-6126 MEDIUM This Month

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to traverse directories on the system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal IBM Kenexa Lms On Cloud
NVD
CVSS 3.0
6.5
EPSS
0.6%
CVE-2016-6125 MEDIUM This Month

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Kenexa Lms On Cloud
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-6124 HIGH This Week

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE IBM File Upload Kenexa Lms On Cloud
NVD
CVSS 3.0
8.8
EPSS
2.7%
CVE-2016-6123 MEDIUM This Month

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Kenexa Lms On Cloud
NVD
CVSS 3.0
5.4
EPSS
0.2%
CVE-2016-6122 MEDIUM This Month

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 discloses answers to security questions in a response to authenticated users. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Kenexa Lms On Cloud
NVD
CVSS 3.0
4.3
EPSS
0.2%
CVE-2016-5939 MEDIUM PATCH This Month

IBM Kenexa LMS on Cloud is vulnerable to SQL injection. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.

SQLi IBM Kenexa Lms On Cloud
NVD
CVSS 3.0
6.3
EPSS
0.3%
EPSS 0% CVSS 5.4
MEDIUM This Month

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Kenexa Lms On Cloud
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to traverse directories on the system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal IBM Kenexa Lms On Cloud
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 stores potentially sensitive information in in log files that could be read by an authenticated user. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Kenexa Lms On Cloud
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to hijack the clicking action of the victim. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Kenexa Lms On Cloud
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to traverse directories on the system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal IBM Kenexa Lms On Cloud
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Kenexa Lms On Cloud
NVD
EPSS 3% CVSS 8.8
HIGH This Week

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE IBM File Upload +1
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS IBM Kenexa Lms On Cloud
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 discloses answers to security questions in a response to authenticated users. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Kenexa Lms On Cloud
NVD
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

IBM Kenexa LMS on Cloud is vulnerable to SQL injection. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, low attack complexity.

SQLi IBM Kenexa Lms On Cloud
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy