RSS   Vulnerabilities for 'System sentinel anyware'   RSS

2023-12-08
 
CVE-2023-48928

CWE-601
 

 
Franklin Fueling Systems System Sentinel AnyWare (SSA) version 1.6.24.492 is vulnerable to Open Redirect. The 'path' parameter of the prefs.asp resource allows an attacker to redirect a victim user to an arbitrary web site using a crafted URL.

 
 
CVE-2023-48929

CWE-384
 

 
Franklin Fueling Systems System Sentinel AnyWare (SSA) version 1.6.24.492 is vulnerable to Session Fixation. The 'sid' parameter in the group_status.asp resource allows an attacker to escalate privileges and obtain sensitive information.

 


Copyright 2024, cxsecurity.com

 

Back to Top