CVE-2023-31296

CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows attackers to obtain sensitive information via the User Name field...

Input validation

CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to obtain sensitive information via the User Profile field...

CVE-2023-31296

CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows attackers to obtain sensitive information via the User Name field...

Input validation

CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to obtain sensitive information via the Delivery Name field...

CVE-2023-31301

Stored Cross Site Scripting XSS Vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to execute arbitrary code and obtain sensitive information via the Username field of the login form and application log...

CVE-2023-31292

An issue was discovered in Sesami Cash Point & Transport Optimizer CPTO 6.3.8.6 718, allows local attackers to obtain sensitive information and bypass authentication via "Back Button Refresh" attack...

CVE-2023-31292

An issue was discovered in Sesami Cash Point & Transport Optimizer CPTO 6.3.8.6 718, allows local attackers to obtain sensitive information and bypass authentication via "Back Button Refresh" attack...

Sesami Cash Point & Transport Optimizer Security Vulnerability

Sesami Cash Point & Transport Optimizer is a solution from Sesami, Inc. A security vulnerability exists in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 that stems from the presence of a cross-site scripting vulnerability. Allows remote attackers to execute arbitrary code via the...

CVE-2023-31293

An issue was discovered in Sesami Cash Point & Transport Optimizer CPTO 6.3.8.6 718, allows remote attackers to obtain sensitive information and bypass profile restriction via improper access control in the Reader system user's web browser, allowing the journal to be displayed, despite the option...

CVE-2023-31295

CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to obtain sensitive information via the User Profile field...

CVE-2023-31296

CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows attackers to obtain sensitive information via the User Name field...

CVE-2023-31294

CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to obtain sensitive information via the Delivery Name field...

CVE-2023-31293

CVE-2023-31293 concerns Sesami CPTO 6.3.8.6. Multiple sources describe an improper access control in the Reader system user’s web browser that lets remote attackers obtain sensitive information and bypass profile restrictions, enabling the journal to be displayed even when the option is disabled....

PT-2023-23282 · Unknown · Sesami Cash Point & Transport Optimizer

Name of the Vulnerable Software and Affected Versions: Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 Description: The issue allows attackers to obtain sensitive information via the User Name field. This is a CSV Injection vulnerability, which can be exploited to gain unauthorized...

PT-2023-23284 · Unknown · Sesami Cash Point & Transport Optimizer

Name of the Vulnerable Software and Affected Versions: Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 Description: The issue allows remote attackers to execute arbitrary code and obtain sensitive information via the User ID field when creating a new system user. This is a Cross Site...

PT-2023-23279 · Unknown · Sesami Cash Point & Transport Optimizer

Name of the Vulnerable Software and Affected Versions: Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 Description: An issue was discovered that allows remote attackers to obtain sensitive information and bypass profile restriction via improper access control in the Reader system...

CVE-2023-31297

An issue was discovered in SESAMI planfocus CPTO Cash Point & Transport Optimizer 6.3.8.6 718. There is XSS via the Name field when modifying a client...

SESAMI planfocus CPTO Cross-Site Scripting Vulnerability

SESAMI is an open framework for modern cash optimization. A cross-site scripting vulnerability exists in SESAMI planfocus CPTO version 6.3.8.6, which originates when inserting JavaScript into the Name field on the client side...

PT-2023-23283 · Sesami · Sesami Planfocus Cpto

Name of the Vulnerable Software and Affected Versions: SESAMI planfocus CPTO Cash Point & Transport Optimizer version 6.3.8.6 718 Description: An issue was discovered in the software, allowing for XSS via the Name field when modifying a client. Recommendations: For SESAMI planfocus CPTO Cash Poin...