
7039 matches found

OSV
added 2017/02/01 8:59 p.m. | 2 views

CVE-2016-6126

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences /../ to view arbitrary files on the system...

CVSS 6.5 | AI score 5.9
Exploits: 0 | References: 2

OSV
added 2017/02/01 8:59 p.m. | 3 views

CVE-2016-8912

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 stores potentially sensitive information in log files that could be read by an authenticated user...

CVSS 4.3 | AI score 5.8 | EPSS 0.00941
Exploits: 0 | References: 3

OSV
added 2017/02/01 8:59 p.m. | 3 views

CVE-2016-6125

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...

CVSS 5.4 | AI score 5.5
Exploits: 0 | References: 2

OSV
added 2017/02/01 8:59 p.m. | 2 views

CVE-2016-6124

IBM Kenexa LMS on Cloud 13.1 and 13.2 - 13.2.4 could allow a remote attacker to upload arbitrary files, which could allow the attacker to execute arbitrary code on the vulnerable server...

CVSS 8.8 | AI score 6.2
Exploits: 0 | References: 2

ThreatPost
added 2017/02/01 9:40 a.m. | 8 views

Zimperium Program Buys Exploits for Patched Mobile Vulnerabilities

Mobile security company Zimperium said Tuesday that it will start buying exploits, but in a departure from most other programs, it will not be buying zero-days. The company’s N-Days Exploit Acquisition Program will pay researchers from a pool of $1.5 million for exploits targeting vulnerabilities...

AI score 7.1
Exploits: 0 | References: 2

Kitploit
added 2017/01/28 8:7 p.m. | 31 views

OWASP Security Shepherd - Web And Mobile Application Security Training Platform

The OWASP Security Shepherd Project is a web and mobile application security training platform. Security Shepherd has been designed to foster and improve security awareness among a varied skill-set demographic. The aim of this project is to take AppSec novices or experienced engineers and sharpen...

AI score 7.2
Exploits: 0 | References: 3

CNVD
added 2017/01/24 12:0 a.m. | 2 views

IBM Kenexa LMS on Cloud Arbitrary File Upload Vulnerability (CNVD-2017-01017)

IBM Kenexa LMS on Cloud is a configurable, enterprise-grade social learning management system LMS from IBM that integrates social networking, collaboration, and knowledge sharing capabilities. The system provides interactive features and supports users to evaluate learning content and share their...

CVSS 8.8 | AI score 7.5 | EPSS 0.0186
Exploits: 0 | References: 1

CNVD
added 2017/01/18 12:0 a.m. | 2 views

IBM Kenexa LMS on Cloud SQL Injection Vulnerability (CNVD-2017-00563)

IBM Kenexa LMS on Cloud is a configurable, enterprise-grade social learning management system LMS from IBM that integrates social networking, collaboration, and knowledge sharing capabilities. The system provides interactive features and supports users to evaluate learning content and share their...

CVSS 5.5 | AI score 7.7 | EPSS 0.00877
Exploits: 0 | References: 1

CNVD
added 2017/01/18 12:0 a.m. | 2 views

IBM Kenexa LMS on Cloud Directory Traversal Vulnerability (CNVD-2017-00566)

IBM Kenexa LMS on Cloud is a configurable, enterprise-grade social learning management system LMS from IBM that integrates social networking, collaboration, and knowledge sharing capabilities. The system provides interactive features and supports users to evaluate learning content and share their...

CVSS 5.7 | AI score 7 | EPSS 0.01595
Exploits: 0 | References: 1

CNVD
added 2017/01/18 12:0 a.m. | 6 views

IBM Kenexa LMS on Cloud SQL Injection Vulnerability (CNVD-2017-00565)

IBM Kenexa LMS on Cloud is a configurable, enterprise-grade social learning management system LMS from IBM that integrates social networking, collaboration, and knowledge sharing capabilities. The system provides interactive features and supports users to evaluate learning content and share their...

CVSS 7.6 | AI score 7.7 | EPSS 0.00969
Exploits: 0 | References: 1

CNVD
added 2017/01/18 12:0 a.m. | 3 views

IBM Kenexa LMS on Cloud Cross-Site Scripting Vulnerability (CNVD-2017-00561)

IBM Kenexa LMS on Cloud is a configurable, enterprise-grade social learning management system LMS from IBM that integrates social networking, collaboration, and knowledge sharing capabilities. The system provides interactive features and supports users to evaluate learning content and share their...

CVSS 5.4 | AI score 6.3 | EPSS 0.00553
Exploits: 0 | References: 1

Vulnerability Lab
added 2016/12/21 12:0 a.m. | 42 views

Docebo LMS v6.9 - (Localization) Persistent Vulnerability

Document Title: =============== Docebo LMS v6.9 - Localization Persistent Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1880 Release Date: ============= 2016-12-21 Vulnerability Laboratory ID VL-ID: ==================================== 18...

AI score 7.1
Exploits: 0

Openbugbounty
added 2016/12/10 7:0 p.m. | 5 views

visionlearning.com XSS vulnerability

Vulnerable URL: http://www.visionlearning.com/en/search Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 210320 VIP website status:| No Check visionlearning.com SSL connection:| Grade: F Coordinated Disclosure...

AI score 6.3
Exploits: 0

CNVD
added 2016/12/02 12:0 a.m. | 3 views

SQL Injection Vulnerability in YxtCMF Online Learning System

YxtCMF online learning system is an online learning platform system developed with thinkphp+bootstrap as the framework. YxtCMF Online Learning System is vulnerable to SQL injection. The lack of filtering due to the '$state=I"get.state";' parameter allows an attacker to exploit the vulnerability t...

AI score 7.8
Exploits: 0

Fedora
added 2016/11/24 8:32 p.m. | 38 views

[SECURITY] Fedora 24 Update: moodle-3.1.3-1.fc24

Moodle is a course management system CMS - a free, Open Source software package designed using sound pedagogical principles, to help educators create effective online learning communities...

CVSS 8.8 | AI score 1.9 | EPSS 0.0397
Exploits: 3

Fedora
added 2016/11/24 8:29 a.m. | 63 views

[SECURITY] Fedora 23 Update: moodle-3.0.7-1.fc23

Moodle is a course management system CMS - a free, Open Source software package designed using sound pedagogical principles, to help educators create effective online learning communities...

CVSS 8.8 | AI score 1.9 | EPSS 0.0397
Exploits: 3

The Hacker News
added 2016/11/24 7:34 a.m. | 18 views

Microsoft Shares Telemetry Data Collected from Windows 10 Users with 3rd-Party

Cyber security is a major challenge in today's world, as cyber attacks have become more automated and difficult to detect, where traditional cyber security practices and systems are no longer sufficient to protect businesses, governments, and other organizations. In the past few years, Artificial...

AI score 6.6
Exploits: 0

CNVD
added 2016/11/24 12:0 a.m. | 2 views

Moodle Security Bypass Vulnerability (CNVD-2016-11545)

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment, developed by Dr. Martin Dougiamas of Australia. A security bypass vulnerability exists in Moodle, which can be exploited by attackers ...

CVSS 5.3 | AI score 5.6 | EPSS 0.01196
Exploits: 0 | References: 1

CNVD
added 2016/11/24 12:0 a.m. | 1 views

Moodle Information Disclosure Vulnerability (CNVD-2016-11544)

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment, developed by Dr. Martin Dougiamas of Australia. Moodle has an information disclosure vulnerability that can be exploited by attackers ...

AI score 6.2
Exploits: 0 | References: 1

Kitploit
added 2016/11/21 2:16 p.m. | 32 views

deep-pwning - Metasploit for Machine Learning

Deep-pwning is a lightweight framework for experimenting with machine learning models with the goal of evaluating their robustness against a motivated adversary. Note that deep-pwning in its current state is nowhere close to maturity or completion. It is meant to be experimented with, expanded...

AI score 6.8
Exploits: 0 | References: 5