Vulnerabilities (CVE)

Filtered by vendor Lanatmservice Subscribe
Filtered by product M3 Atm Monitoring System
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-29667 1 Lanatmservice 1 M3 Atm Monitoring System 2024-11-21 10.0 HIGH 9.8 CRITICAL
In Lan ATMService M3 ATM Monitoring System 6.1.0, a remote attacker able to use a default cookie value, such as PHPSESSID=LANIT-IMANAGER, can achieve control over the system because of Insufficient Session Expiration.
CVE-2020-29666 1 Lanatmservice 1 M3 Atm Monitoring System 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
In Lan ATMService M3 ATM Monitoring System 6.1.0, due to a directory-listing vulnerability, a remote attacker can view log files, located in /websocket/logs/, that contain a user's cookie values and the predefined developer's cookie value.