Vulnerabilities > IBM > Kenexa LMS ON Cloud
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-02-01 | CVE-2016-8920 | Cross-site Scripting vulnerability in IBM Kenexa LMS on Cloud IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. | 5.4 |
2017-02-01 | CVE-2016-8913 | Path Traversal vulnerability in IBM Kenexa LMS on Cloud IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to traverse directories on the system. | 6.5 |
2017-02-01 | CVE-2016-8912 | Information Exposure Through Log Files vulnerability in IBM Kenexa LMS on Cloud IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 stores potentially sensitive information in in log files that could be read by an authenticated user. | 4.3 |
2017-02-01 | CVE-2016-8911 | 7PK - Security Features vulnerability in IBM Kenexa LMS on Cloud IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to hijack the clicking action of the victim. | 5.4 |
2017-02-01 | CVE-2016-6126 | Path Traversal vulnerability in IBM Kenexa LMS on Cloud IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to traverse directories on the system. | 6.5 |
2017-02-01 | CVE-2016-6125 | Cross-site Scripting vulnerability in IBM Kenexa LMS on Cloud IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. | 5.4 |
2017-02-01 | CVE-2016-6124 | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Kenexa LMS on Cloud IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server. | 8.8 |
2017-02-01 | CVE-2016-6123 | Cross-site Scripting vulnerability in IBM Kenexa LMS on Cloud IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. | 5.4 |
2017-02-01 | CVE-2016-6122 | Information Exposure vulnerability in IBM Kenexa LMS on Cloud IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 discloses answers to security questions in a response to authenticated users. | 4.3 |
2017-02-01 | CVE-2016-5939 | SQL Injection vulnerability in IBM Kenexa LMS on Cloud IBM Kenexa LMS on Cloud is vulnerable to SQL injection. | 6.3 |