Filtered by vendor Lanatmservice
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-29667 | 1 Lanatmservice | 1 M3 Atm Monitoring System | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
In Lan ATMService M3 ATM Monitoring System 6.1.0, a remote attacker able to use a default cookie value, such as PHPSESSID=LANIT-IMANAGER, can achieve control over the system because of Insufficient Session Expiration. | |||||
CVE-2020-29666 | 1 Lanatmservice | 1 M3 Atm Monitoring System | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
In Lan ATMService M3 ATM Monitoring System 6.1.0, due to a directory-listing vulnerability, a remote attacker can view log files, located in /websocket/logs/, that contain a user's cookie values and the predefined developer's cookie value. |