| Max CVSS | 6.5 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-8928 | 6.5 |
IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
|
07-02-2017 - 23:00 | 01-02-2017 - 22:59 | |
| CVE-2016-8929 | 5.5 |
IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
|
07-02-2017 - 21:44 | 01-02-2017 - 22:59 | |
| CVE-2016-8933 | 4.0 |
IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing dot dot sequences (/../) to view arbitrary files on the system.
|
07-02-2017 - 20:31 | 01-02-2017 - 22:59 | |
| CVE-2016-8931 | 6.5 |
IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server.
|
07-02-2017 - 20:12 | 01-02-2017 - 22:59 | |
| CVE-2016-8930 | 6.5 |
IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
|
07-02-2017 - 19:32 | 01-02-2017 - 22:59 | |
| CVE-2016-8932 | 6.5 |
IBM Kenexa LMS on Cloud could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server.
|
07-02-2017 - 18:36 | 01-02-2017 - 22:59 | |
| CVE-2016-5941 | 3.5 |
IBM Kenexa LMS on Cloud could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing dot dot sequences (/../) to view arbitrary files on the system.
|
05-02-2017 - 20:41 | 01-02-2017 - 22:59 | |
| CVE-2016-5938 | 2.1 |
IBM Kenexa LMS on Cloud allows web pages to be stored locally which can be read by another user on the system.
|
05-02-2017 - 20:39 | 01-02-2017 - 22:59 | |
| CVE-2016-5942 | 3.5 |
IBM Kenexa LMS on Cloud is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted se
|
05-02-2017 - 20:33 | 01-02-2017 - 22:59 | |
| CVE-2016-5940 | 3.5 |
IBM Kenexa LMS on Cloud is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted se
|
05-02-2017 - 20:30 | 01-02-2017 - 22:59 |