2 matches found
CVE-2020-8988
The Voatz application 2020-01-01 for Android allows only 100 million different PINs, which makes it easier for attackers after using root access to make a copy of the local database to discover login credentials and voting history via an offline brute-force approach...
CVE-2018-16286
LG SuperSign CMS allows authentication bypass because the CAPTCHA requirement is skipped if a captcha:pass cookie is sent, and because the PIN is limited to four digits...