CVE-2021-42949 The component controlla_login function in HotelDruid Hotel Management Software v303 generates a predictable session token, allowing attackers to bypass authentication via bruteforce attacks The session id is dynamically created at each login using the following generalized syntax: {date}{time}{100000-999999}{incremented login attempts} These values can be gu