IBM Kenexa LMS on Cloud is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database.
CPE | Name | Operator | Version |
---|---|---|---|
kenexa_lms | eq | 5.0 | |
kenexa_lms | eq | 4.2.3 | |
kenexa_lms | eq | 4.2.2 | |
kenexa_lms | eq | 4.1 | |
kenexa_lms | eq | 5.2 | |
kenexa_lms | eq | 5.1 | |
kenexa_lms | eq | 4.2.4 | |
kenexa_lms | eq | 4.2 |