Sesami - Cash Point \& Transport Optimizer CVE

Filtered by vendor Sesami Subscribe

Filtered by product Cash Point \& Transport Optimizer

Total 11 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2023-31302	1 Sesami	1 Cash Point \& Transport Optimizer	2024-01-08	N/A	6.1 MEDIUM
Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) 6.3.8.6 (#718), allows remote attackers to execute arbitrary code via the Teller field.
CVE-2023-31293	1 Sesami	1 Cash Point \& Transport Optimizer	2024-01-08	N/A	4.3 MEDIUM
An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) 6.3.8.6 (#718), allows remote attackers to obtain sensitive information and bypass profile restriction via improper access control in the Reader system user's web browser, allowing the journal to be displayed, despite the option being disabled.
CVE-2023-31294	1 Sesami	1 Cash Point \& Transport Optimizer	2024-01-08	N/A	7.5 HIGH
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to obtain sensitive information via the Delivery Name field.
CVE-2023-31299	1 Sesami	1 Cash Point \& Transport Optimizer	2024-01-08	N/A	6.1 MEDIUM
Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code via the Barcode field of a container.
CVE-2023-31295	1 Sesami	1 Cash Point \& Transport Optimizer	2024-01-08	N/A	7.5 HIGH
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to obtain sensitive information via the User Profile field.
CVE-2023-31300	1 Sesami	1 Cash Point \& Transport Optimizer	2024-01-08	N/A	7.5 HIGH
An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to obtain sensitive information via transmission of unencrypted, cleartext credentials during Password Reset feature.
CVE-2023-31296	1 Sesami	1 Cash Point \& Transport Optimizer	2024-01-04	N/A	5.3 MEDIUM
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows attackers to obtain sensitive information via the User Name field.
CVE-2023-31292	1 Sesami	1 Cash Point \& Transport Optimizer	2024-01-04	N/A	5.5 MEDIUM
An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) 6.3.8.6 (#718), allows local attackers to obtain sensitive information and bypass authentication via "Back Button Refresh" attack.
CVE-2023-31298	1 Sesami	1 Cash Point \& Transport Optimizer	2024-01-04	N/A	4.8 MEDIUM
Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code and obtain sensitive information via the User ID field when creating a new system user.
CVE-2023-31301	1 Sesami	1 Cash Point \& Transport Optimizer	2024-01-04	N/A	6.1 MEDIUM
Stored Cross Site Scripting (XSS) Vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code and obtain sensitive information via the Username field of the login form and application log.
CVE-2023-31297	1 Sesami	1 Cash Point \& Transport Optimizer	2024-01-03	N/A	4.8 MEDIUM
An issue was discovered in SESAMI planfocus CPTO (Cash Point & Transport Optimizer) 6.3.8.6 718. There is XSS via the Name field when modifying a client.

Vulnerabilities (CVE)