3 matches found
DEBIAN-CVE-2021-42948
HotelDruid Hotel Management Software v3.0.3 and below was discovered to have exposed session tokens in multiple links via GET parameters, allowing attackers to access user session id's...
DEBIAN-CVE-2021-42949
The component controllalogin function in HotelDruid Hotel Management Software v3.0.3 generates a predictable session token, allowing attackers to bypass authentication via bruteforce attacks...
UBUNTU-CVE-2021-42949
The component controllalogin function in HotelDruid Hotel Management Software v3.0.3 generates a predictable session token, allowing attackers to bypass authentication via bruteforce attacks...