CVE-2016-8928
published 2017-02-01CVE-2016-8928: IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view…
high7.6CVSS 3.0
AVNACLPRLUINSUCHILAL
IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | kenexa_lms | — | — |
| ibm | kenexa_lms | — | — |
| ibm | kenexa_lms | — | — |
| ibm | kenexa_lms | — | — |
| ibm | kenexa_lms | — | — |
| ibm | kenexa_lms | — | — |
| ibm | kenexa_lms | — | — |
| ibm | kenexa_lms | — | — |
| ibm_corporation | kenexa_lms_on_cloud | — | — |
| ibm_corporation | kenexa_lms_on_cloud | — | — |
| ibm_corporation | kenexa_lms_on_cloud | — | — |
| ibm_corporation | kenexa_lms_on_cloud | — | — |
| ibm_corporation | kenexa_lms_on_cloud | — | — |
| ibm_corporation | kenexa_lms_on_cloud | — | — |
| ibm_corporation | kenexa_lms_on_cloud | — | — |
| ibm_corporation | kenexa_lms_on_cloud | — | — |
| ibm_corporation | kenexa_lms_on_cloud | — | — |
| libarchive | libarchive | >= 0 < 3.1.2-7ubuntu2.3 | 3.1.2-7ubuntu2.3 |
| libarchive | libarchive | >= 0 < 3.1.2-11ubuntu0.16.04.2 | 3.1.2-11ubuntu0.16.04.2 |
CVSS provenance
nvdv3.07.6HIGHCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
osv6.5MEDIUM