Vulnerabilities (CVE)

Filtered by vendor Kirona Subscribe
Filtered by product Dynamic Resource Scheduling
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-17504 1 Kirona 1 Dynamic Resource Scheduling 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. A reflected Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script via the /osm/report/ password parameter.
CVE-2019-17503 1 Kirona 1 Dynamic Resource Scheduling 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. An unauthenticated user can access /osm/REGISTER.cmd (aka /osm_tiles/REGISTER.cmd) directly: it contains sensitive information about the database through the SQL queries within this batch file. This file exposes SQL database information such as database version, table name, column name, etc.