CVE-2019-7648
CVE-2019-7648 affects Hotels_Server up to 2018-11-05, where controller/fetchpwd.php and controller/doAction.php rely on base64 to protect passwords. The impact is described as insufficient confidentiality protection (base64 is not a crypto safeguard), with CVSSv3 vector: NETWORK, LOW attack compl...