Vulnerabilities > IBM > Kenexa LMS > High

DATE CVE VULNERABILITY TITLE RISK
2017-02-01 CVE-2016-8932 Improper Access Control vulnerability in IBM Kenexa LMS
IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server.
network
low complexity
ibm CWE-284
8.8
8.8
2017-02-01 CVE-2016-8931 Improper Access Control vulnerability in IBM Kenexa LMS
IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server.
network
low complexity
ibm CWE-284
8.8
8.8
2017-02-01 CVE-2016-8930 SQL Injection vulnerability in IBM Kenexa LMS
IBM Kenexa LMS on Cloud is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
7.6
7.6
2017-02-01 CVE-2016-8928 SQL Injection vulnerability in IBM Kenexa LMS
IBM Kenexa LMS on Cloud is vulnerable to SQL injection.
network
low complexity
ibm CWE-89
7.6
7.6