4770 matches found
CVE-2023-31292
An issue was discovered in Sesami Cash Point & Transport Optimizer CPTO 6.3.8.6 718, allows local attackers to obtain sensitive information and bypass authentication via "Back Button Refresh" attack...
Sesami Cash Point & Transport Optimizer Security Vulnerability
Sesami Cash Point & Transport Optimizer is a solution from Sesami, Inc. A security vulnerability exists in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6, which stems from the presence of a stored cross-site scripting vulnerability. The vulnerability allows remote attackers to execu...
CVE-2023-31299
Cross Site Scripting XSS vulnerability in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 718, allows remote attackers to execute arbitrary code via the Barcode field of a container...
Sesami Cash Point & Transport Optimizer Security Vulnerability
Sesami Cash Point & Transport Optimizer is a solution from Sesami, Inc. A security vulnerability exists in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 that stems from the presence of a cross-site scripting vulnerability. Allows remote attackers to execute arbitrary code via the...
CVE-2023-31296
Affected software/product: Sesami CPTO (Cash Point & Transport Optimizer) — version 6.3.8.6 (#718). Vulnerability type / vector: CSV Injection via the User Name field. Root cause / impact: The issue enables an attacker to obtain sensitive information; documentation notes a CSV injection risk with...
Sesami Cash Point & Transport Optimizer Security Vulnerability
Sesami Cash Point & Transport Optimizer is a solution from Sesami, Inc. A security vulnerability exists in Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 that stems from the presence of a cross-site scripting vulnerability. The vulnerability allows remote attackers to execute...
CVE-2023-31298
CVE-2023-31298 is an XSS vulnerability in Sesami CPTO 6.3.8.6 (#718). The User ID field used when creating a new system user can be exploited by remote attackers to execute arbitrary code and access sensitive information. Documented details include affected software (CPTO 6.3.8.6) and the root ca...
PT-2023-23284 · Unknown · Sesami Cash Point & Transport Optimizer
Name of the Vulnerable Software and Affected Versions: Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 Description: The issue allows remote attackers to execute arbitrary code and obtain sensitive information via the User ID field when creating a new system user. This is a Cross Site...
PT-2023-23289 · Unknown · Sesami Cash Point & Transport Optimizer
Name of the Vulnerable Software and Affected Versions: Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 Description: A Cross Site Scripting XSS issue allows remote attackers to execute arbitrary code via the Teller field. This enables attackers to inject malicious scripts into the...
PT-2023-23287 · Unknown · Sesami Cash Point & Transport Optimizer
Name of the Vulnerable Software and Affected Versions: Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 Description: An issue in Sesami Cash Point & Transport Optimizer CPTO allows remote attackers to obtain sensitive information via transmission of unencrypted, cleartext credentials...
PT-2023-23281 · Unknown · Sesami Cash Point & Transport Optimizer
Name of the Vulnerable Software and Affected Versions: Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 Description: The issue allows remote attackers to obtain sensitive information via the User Profile field. This is a CSV Injection vulnerability, which can be exploited by attackers...
PT-2023-23280 · Unknown · Sesami Cash Point & Transport Optimizer
Name of the Vulnerable Software and Affected Versions: Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 Description: The issue allows remote attackers to obtain sensitive information via the Delivery Name field. This is a result of a CSV Injection vulnerability. Recommendations: For...
PT-2023-23288 · Unknown · Sesami Cash Point & Transport Optimizer
Name of the Vulnerable Software and Affected Versions: Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 Description: The issue allows remote attackers to execute arbitrary code and obtain sensitive information via the Username field of the login form and application log. This is a...
PT-2023-23279 · Unknown · Sesami Cash Point & Transport Optimizer
Name of the Vulnerable Software and Affected Versions: Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 Description: An issue was discovered that allows remote attackers to obtain sensitive information and bypass profile restriction via improper access control in the Reader system...
PT-2023-23282 · Unknown · Sesami Cash Point & Transport Optimizer
Name of the Vulnerable Software and Affected Versions: Sesami Cash Point & Transport Optimizer CPTO version 6.3.8.6 Description: The issue allows attackers to obtain sensitive information via the User Name field. This is a CSV Injection vulnerability, which can be exploited to gain unauthorized...
CVE-2023-31297
An issue was discovered in SESAMI planfocus CPTO Cash Point & Transport Optimizer 6.3.8.6 718. There is XSS via the Name field when modifying a client...
CVE-2023-31297
An issue was discovered in SESAMI planfocus CPTO Cash Point & Transport Optimizer 6.3.8.6 718. There is XSS via the Name field when modifying a client...
PT-2023-9629 · Oracle +4 · Mysql Server +3
Name of the Vulnerable Software and Affected Versions: Oracle MySQL Server versions 8.0.37 and prior Oracle MySQL Server versions 8.4.0 and prior Description: The issue is related to insufficient input validation in the Server: Optimizer component of Oracle MySQL Server. It allows a low-privilege...
PT-2023-9631 · Oracle +4 · Mysql Server +3
Name of the Vulnerable Software and Affected Versions: MySQL Server versions 8.0.37 and prior MySQL Server versions 8.4.0 and prior Description: The issue is related to insufficient input validation in the Server: Optimizer component of the Oracle MySQL Server system management database. This can...
WordPress EWWW Image Optimizer Plugin < 7.2.1 Information Disclosure Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ewww:imageoptimizer"; if description...