3 matches found
Kirona Solutions Dynamic Resource Scheduling Cross-Site Scripting Vulnerability
Kirona Solutions Dynamic Resource Scheduling DRS is a suite of dynamic resource scheduling software for field services from Kirona Solutions, UK. A cross-site scripting vulnerability exists in Kirona Dynamic Resource Scheduling DRS version 5.5.3.5. The vulnerability stems from a lack of proper...
Kirona-DRS 5.5.3.5 - Information Disclosure
Kirona-DRS 5.5.3.5 - Information Disclosure Exploit Title: Kirona-DRS 5.5.3.5 - Information Disclosure Discovered Date: 2019-10-03 Shodan Search: /opt-portal/pages/login.xhtml Exploit Author: Ramikan Vendor Homepage: https://www.kirona.com/products/dynamic-resource-scheduler/ Affected Version: DR...
CVE-2019-17503
CVE-2019-17503 affects Kirona Dynamic Resource Scheduler (DRS) 5.5.3.5. An unauthenticated user can directly access /osm/REGISTER.cmd (/osm_tiles/REGISTER.cmd), which contains SQL queries that disclose database information (version, table names, column names, etc.). Multiple sources (NVD, Red Hat...