Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Cash Point & Transport Optimizer Security Vulnerabilities - January

cve
cve

CVE-2023-31292

An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) 6.3.8.6 (#718), allows local attackers to obtain sensitive information and bypass authentication via "Back Button Refresh" attack.

5.5CVSS

5.3AI Score

0.0004EPSS

2023-12-29 02:15 AM
20
cve
cve

CVE-2023-31293

An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) 6.3.8.6 (#718), allows remote attackers to obtain sensitive information and bypass profile restriction via improper access control in the Reader system user's web browser, allowing the journal to be displayed, despite the opt...

4.3CVSS

4.6AI Score

0.001EPSS

2023-12-29 03:15 AM
18
cve
cve

CVE-2023-31294

CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to obtain sensitive information via the Delivery Name field.

7.5CVSS

7.4AI Score

0.001EPSS

2023-12-29 03:15 AM
15
cve
cve

CVE-2023-31295

CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to obtain sensitive information via the User Profile field.

7.5CVSS

7.4AI Score

0.001EPSS

2023-12-29 06:15 AM
13
cve
cve

CVE-2023-31296

CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows attackers to obtain sensitive information via the User Name field.

5.3CVSS

5.2AI Score

0.0005EPSS

2023-12-29 04:15 AM
10
cve
cve

CVE-2023-31297

An issue was discovered in SESAMI planfocus CPTO (Cash Point & Transport Optimizer) 6.3.8.6 718. There is XSS via the Name field when modifying a client.

4.8CVSS

4.8AI Score

0.0004EPSS

2023-12-25 07:15 AM
13
cve
cve

CVE-2023-31298

Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code and obtain sensitive information via the User ID field when creating a new system user.

4.8CVSS

5.3AI Score

0.001EPSS

2023-12-29 02:15 AM
14
cve
cve

CVE-2023-31299

Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code via the Barcode field of a container.

6.1CVSS

6.1AI Score

0.001EPSS

2023-12-29 05:15 AM
14
cve
cve

CVE-2023-31300

An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to obtain sensitive information via transmission of unencrypted, cleartext credentials during Password Reset feature.

7.5CVSS

7.3AI Score

0.001EPSS

2023-12-29 06:15 AM
14
cve
cve

CVE-2023-31301

Stored Cross Site Scripting (XSS) Vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code and obtain sensitive information via the Username field of the login form and application log.

6.1CVSS

6.3AI Score

0.001EPSS

2023-12-29 02:15 AM
12
cve
cve

CVE-2023-31302

Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) 6.3.8.6 (#718), allows remote attackers to execute arbitrary code via the Teller field.

6.1CVSS

6.1AI Score

0.001EPSS

2023-12-29 06:15 AM
18