Ibm Kenexa Lcms Premier — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Kenexa Lcms Premier, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2016-5937 — CVSS 8.8 (high): IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and…
CVE-2016-5952 — CVSS 8.8 (high): IBM Kenexa LCMS Premier on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could…
CVE-2016-9993 — CVSS 7.1 (high): IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL…
CVE-2016-9994 — CVSS 7.1 (high): IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL…
CVE-2016-9992 — CVSS 7.1 (high): IBM Kenexa LCMS Premier on Cloud 9.0, and 10.0.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL…
CVE-2016-5950 — CVSS 6.5 (medium): IBM Kenexa LCMS Premier on Cloud stores user credentials in plain in clear text which can be read by an authenticated user.
CVE-2017-1142 — CVSS 6.5 (medium): IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 could allow a remote attacker to obtain sensitive information, caused by the failure to set…
CVE-2016-5948 — CVSS 5.4 (medium): IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code…
CVE-2016-5951 — CVSS 5.4 (medium): IBM Kenexa LCMS Premier on Cloud is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code…
CVE-2017-1143 — CVSS 5.3 (medium): IBM Kenexa LCMS Premier on Cloud 9.x and 10.0 could allow a remote attacker to obtain sensitive information, caused by the failure to…
CVE-2016-5949 — CVSS 4.3 (medium): IBM Kenexa LCMS Premier on Cloud could allow an authenticated user to obtain sensitive user data with a specially crafted HTTP request.