21 matches found
Kirona Dynamic Resource Scheduler - Information Disclosure
Kirona Dynamic Resource Scheduler is susceptible to information disclosure. An unauthenticated user can directly access /osm/REGISTER.cmd aka /osmtiles/REGISTER.cmd, which contains sensitive information with exposed SQL queries, such as database version, table name, and column name. id:...
EUVD-2019-7857
Malware in sbrugna...
CVE-2019-17504
An issue was discovered in Kirona Dynamic Resource Scheduling DRS 5.5.3.5. A reflected Cross-site scripting XSS vulnerability allows remote attackers to inject arbitrary web script via the /osm/report/ password parameter...
CVE-2019-17503
An issue was discovered in Kirona Dynamic Resource Scheduling DRS 5.5.3.5. An unauthenticated user can access /osm/REGISTER.cmd aka /osmtiles/REGISTER.cmd directly: it contains sensitive information about the database through the SQL queries within this batch file. This file exposes SQL database...
VulnCheck KEV: CVE-2019-17503
An issue was discovered in Kirona Dynamic Resource Scheduling DRS 5.5.3.5. An unauthenticated user can access /osm/REGISTER.cmd aka /osmtiles/REGISTER.cmd directly: it contains sensitive information about the database through the SQL queries within this batch file. This file exposes SQL...
Kirona Solutions Dynamic Resource Scheduling Information Disclosure Vulnerability
Kirona Solutions Dynamic Resource Scheduling DRS is a suite of dynamic resource scheduling software for field services from Kirona Solutions, UK. A security vulnerability exists in Kirona DRS version 5.5.3.5. The vulnerability can be exploited by an attacker to obtain SQL database information suc...
Kirona Solutions Dynamic Resource Scheduling Cross-Site Scripting Vulnerability
Kirona Solutions Dynamic Resource Scheduling DRS is a suite of dynamic resource scheduling software for field services from Kirona Solutions, UK. A cross-site scripting vulnerability exists in Kirona Dynamic Resource Scheduling DRS version 5.5.3.5. The vulnerability stems from a lack of proper...
Kirona-DRS 5.5.3.5 Information Disclosure
Exploit Title: Kirona-DRS 5.5.3.5 - Information Disclosure Discovered Date: 2019-10-03 Shodan Search: /opt-portal/pages/login.xhtml Exploit Author: Ramikan Vendor Homepage: https://www.kirona.com/products/dynamic-resource-scheduler/ Affected Version: DRS 5.5.3.5 may be other versions. Tested On...
Kirona-DRS 5.5.3.5 - Information Disclosure Vulnerability
Exploit for php platform in category web applications Exploit Title: Kirona-DRS 5.5.3.5 - Information Disclosure Shodan Search: /opt-portal/pages/login.xhtml Exploit Author: Ramikan Vendor Homepage: https://www.kirona.com/products/dynamic-resource-scheduler/ Affected Version: DRS 5.5.3.5 may be...
Kirona-DRS 5.5.3.5 - Information Disclosure
Exploit Title: Kirona-DRS 5.5.3.5 - Information Disclosure Discovered Date: 2019-10-03 Shodan Search: /opt-portal/pages/login.xhtml Exploit Author: Ramikan Vendor Homepage: https://www.kirona.com/products/dynamic-resource-scheduler/ Affected Version: DRS 5.5.3.5 may be other versions. Tested On...
Kirona-DRS 5.5.3.5 - Information Disclosure
Kirona-DRS 5.5.3.5 - Information Disclosure Exploit Title: Kirona-DRS 5.5.3.5 - Information Disclosure Discovered Date: 2019-10-03 Shodan Search: /opt-portal/pages/login.xhtml Exploit Author: Ramikan Vendor Homepage: https://www.kirona.com/products/dynamic-resource-scheduler/ Affected Version: DR...
CVE-2019-17504
An issue was discovered in Kirona Dynamic Resource Scheduling DRS 5.5.3.5. A reflected Cross-site scripting XSS vulnerability allows remote attackers to inject arbitrary web script via the /osm/report/ password parameter...
CVE-2019-17504
An issue was discovered in Kirona Dynamic Resource Scheduling DRS 5.5.3.5. A reflected Cross-site scripting XSS vulnerability allows remote attackers to inject arbitrary web script via the /osm/report/ password parameter...
CVE-2019-17503
An issue was discovered in Kirona Dynamic Resource Scheduling DRS 5.5.3.5. An unauthenticated user can access /osm/REGISTER.cmd aka /osmtiles/REGISTER.cmd directly: it contains sensitive information about the database through the SQL queries within this batch file. This file exposes SQL database...
CVE-2019-17503
An issue was discovered in Kirona Dynamic Resource Scheduling DRS 5.5.3.5. An unauthenticated user can access /osm/REGISTER.cmd aka /osmtiles/REGISTER.cmd directly: it contains sensitive information about the database through the SQL queries within this batch file. This file exposes SQL database...
Cross site scripting
An issue was discovered in Kirona Dynamic Resource Scheduling DRS 5.5.3.5. A reflected Cross-site scripting XSS vulnerability allows remote attackers to inject arbitrary web script via the /osm/report/ password parameter...
Design/Logic Flaw
An issue was discovered in Kirona Dynamic Resource Scheduling DRS 5.5.3.5. An unauthenticated user can access /osm/REGISTER.cmd aka /osmtiles/REGISTER.cmd directly: it contains sensitive information about the database through the SQL queries within this batch file. This file exposes SQL database...
CVE-2019-17503
CVE-2019-17503 affects Kirona Dynamic Resource Scheduler (DRS) 5.5.3.5. An unauthenticated user can directly access /osm/REGISTER.cmd (/osm_tiles/REGISTER.cmd), which contains SQL queries that disclose database information (version, table names, column names, etc.). Multiple sources (NVD, Red Hat...
CVE-2019-17503
An issue was discovered in Kirona Dynamic Resource Scheduling DRS 5.5.3.5. An unauthenticated user can access /osm/REGISTER.cmd aka /osmtiles/REGISTER.cmd directly: it contains sensitive information about the database through the SQL queries within this batch file. This file exposes SQL database...
CVE-2019-17504
An issue was discovered in Kirona Dynamic Resource Scheduling DRS 5.5.3.5. A reflected Cross-site scripting XSS vulnerability allows remote attackers to inject arbitrary web script via the /osm/report/ password parameter...