Filtered by vendor Kirona Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-17504 1 Kirona 1 Dynamic Resource Scheduling 2024-11-21 6.1 Medium
An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. A reflected Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script via the /osm/report/ password parameter.
CVE-2019-17503 1 Kirona 1 Dynamic Resource Scheduling 2024-11-21 5.3 Medium
An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. An unauthenticated user can access /osm/REGISTER.cmd (aka /osm_tiles/REGISTER.cmd) directly: it contains sensitive information about the database through the SQL queries within this batch file. This file exposes SQL database information such as database version, table name, column name, etc.