Kirona Dynamic Resource Scheduling vulnerabilities
2 known vulnerabilities affecting kirona/dynamic_resource_scheduling.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
1
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2019-17503P1MEDIUMCVSS 5.3ExploitedPoCv5.5.3.52019-10-11
CVE-2019-17503 [MEDIUM] CWE-425 CVE-2019-17503: An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. An unauthenticated user
An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. An unauthenticated user can access /osm/REGISTER.cmd (aka /osm_tiles/REGISTER.cmd) directly: it contains sensitive information about the database through the SQL queries within this batch file. This file exposes SQL database information such as database version, table name,
nvd
CVE-2019-17504P3MEDIUMCVSS 6.1PoCv5.5.3.52019-10-11
CVE-2019-17504 [MEDIUM] CWE-79 CVE-2019-17504: An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. A reflected Cross-site
An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. A reflected Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script via the /osm/report/ password parameter.
nvd