Show filters
11 Total Results
Displaying 1-10 of 11
Sort by:
Attacker Value
Unknown

CVE-2023-31302

Disclosure Date: December 29, 2023 (last updated January 09, 2024)
Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) 6.3.8.6 (#718), allows remote attackers to execute arbitrary code via the Teller field.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-31300

Disclosure Date: December 29, 2023 (last updated January 09, 2024)
An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to obtain sensitive information via transmission of unencrypted, cleartext credentials during Password Reset feature.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-31295

Disclosure Date: December 29, 2023 (last updated January 09, 2024)
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to obtain sensitive information via the User Profile field.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-31299

Disclosure Date: December 29, 2023 (last updated January 09, 2024)
Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code via the Barcode field of a container.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-31296

Disclosure Date: December 29, 2023 (last updated January 05, 2024)
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows attackers to obtain sensitive information via the User Name field.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-31294

Disclosure Date: December 29, 2023 (last updated January 09, 2024)
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to obtain sensitive information via the Delivery Name field.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-31293

Disclosure Date: December 29, 2023 (last updated January 09, 2024)
An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) 6.3.8.6 (#718), allows remote attackers to obtain sensitive information and bypass profile restriction via improper access control in the Reader system user's web browser, allowing the journal to be displayed, despite the option being disabled.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2023-31301

Disclosure Date: December 29, 2023 (last updated January 05, 2024)
Stored Cross Site Scripting (XSS) Vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code and obtain sensitive information via the Username field of the login form and application log.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-31298

Disclosure Date: December 29, 2023 (last updated January 05, 2024)
Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code and obtain sensitive information via the User ID field when creating a new system user.
Attack Vector: NetworkPrivileges: HighUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-31292

Disclosure Date: December 29, 2023 (last updated January 05, 2024)
An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) 6.3.8.6 (#718), allows local attackers to obtain sensitive information and bypass authentication via "Back Button Refresh" attack.
Attack Vector: LocalPrivileges: LowUser Interaction: None
0
0
View More Topics  Next >