Ibm Kenexa Lms On Cloud — known CVE vulnerabilities
Every CVE whose affected-product data names Ibm Kenexa Lms On Cloud, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2016-6124 — CVSS 8.8 (high): IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to upload arbitrary files, which could allow the attacker to…
CVE-2016-8913 — CVSS 6.5 (medium): IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to traverse directories on the system. An attacker could send…
CVE-2016-6126 — CVSS 6.5 (medium): IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to traverse directories on the system. An attacker could send…
CVE-2016-5939 — CVSS 6.3 (medium): IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow…
CVE-2016-6125 — CVSS 5.4 (medium): IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2016-6123 — CVSS 5.4 (medium): IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2016-8911 — CVSS 5.4 (medium): IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to hijack the clicking action of the victim. By persuading a…
CVE-2016-8920 — CVSS 5.4 (medium): IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary…
CVE-2016-8912 — CVSS 4.3 (medium): IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 stores potentially sensitive information in in log files that could be read by an…
CVE-2016-6122 — CVSS 4.3 (medium): IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 discloses answers to security questions in a response to authenticated users.