CVE-2023-31300

An issue was discovered in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to obtain sensitive information via transmission of unencrypted, cleartext credentials during Password Reset feature...

CVE-2023-31300

An issue was discovered in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to obtain sensitive information via transmission of unencrypted, cleartext credentials during Password Reset feature...

Design/Logic Flaw

An issue was discovered in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to obtain sensitive information via transmission of unencrypted, cleartext credentials during Password Reset feature...

Input validation

CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to obtain sensitive information via the User Profile field...

CVE-2023-31299

Cross Site Scripting XSS vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to execute arbitrary code via the Barcode field of a container...

Input validation

CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows attackers to obtain sensitive information via the User Name field...

CVE-2023-31294

CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to obtain sensitive information via the Delivery Name field...

CVE-2023-31298

Cross Site Scripting XSS vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to execute arbitrary code and obtain sensitive information via the User ID field when creating a new system user...

CVE-2023-31301

Stored Cross Site Scripting XSS Vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to execute arbitrary code and obtain sensitive information via the Username field of the login form and application log...

CVE-2023-31298

Cross Site Scripting XSS vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to execute arbitrary code and obtain sensitive information via the User ID field when creating a new system user...

CVE-2023-31292

An issue was discovered in Sesami Cash Point & Transport Optimizer CPTO 6.3.8.6 718, allows local attackers to obtain sensitive information and bypass authentication via "Back Button Refresh" attack...

CVE-2023-31292

An issue was discovered in Sesami Cash Point & Transport Optimizer CPTO 6.3.8.6 718, allows local attackers to obtain sensitive information and bypass authentication via "Back Button Refresh" attack...

Cross site scripting

Stored Cross Site Scripting XSS Vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to execute arbitrary code and obtain sensitive information via the Username field of the login form and application log...

CVE-2023-31292

An issue was discovered in Sesami Cash Point & Transport Optimizer CPTO 6.3.8.6 718, allows local attackers to obtain sensitive information and bypass authentication via "Back Button Refresh" attack...

CVE-2023-31296

CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows attackers to obtain sensitive information via the User Name field...

CVE-2023-31300

CVE-2023-31300 affects Sesami CPTO v6.3.8.6, enabling remote attackers to obtain sensitive information via unencrypted credentials transmitted during Password Reset. Root cause: transmission of plaintext credentials. Impact: potential confidentiality breach (HIGH). No exploit specifics provided i...

CVE-2023-31296

CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows attackers to obtain sensitive information via the User Name field...

CVE-2023-31300

An issue was discovered in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to obtain sensitive information via transmission of unencrypted, cleartext credentials during Password Reset feature...

CVE-2023-31293

An issue was discovered in Sesami Cash Point & Transport Optimizer CPTO 6.3.8.6 718, allows remote attackers to obtain sensitive information and bypass profile restriction via improper access control in the Reader system user's web browser, allowing the journal to be displayed, despite the option...

CVE-2023-31295

CVE-2023-31295 affects Sesami CPTO (Cash Point & Transport Optimizer) version 6.3.8.6. The issue is a CSV Injection in the User Profile field that allows a remote attacker to obtain sensitive information. Public sources available in the connected documents consistently describe the vulnerability ...