Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Sesami Subscribe
Filtered by product Cash Point \& Transport Optimizer
Total 5 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-31296 1 Sesami 1 Cash Point \& Transport Optimizer 2024-08-27 N/A 5.3 MEDIUM
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows attackers to obtain sensitive information via the User Name field.
CVE-2023-31292 1 Sesami 1 Cash Point \& Transport Optimizer 2024-02-05 N/A 5.5 MEDIUM
An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) 6.3.8.6 (#718), allows local attackers to obtain sensitive information and bypass authentication via "Back Button Refresh" attack.
CVE-2023-31297 1 Sesami 1 Cash Point \& Transport Optimizer 2024-02-05 N/A 4.8 MEDIUM
An issue was discovered in SESAMI planfocus CPTO (Cash Point & Transport Optimizer) 6.3.8.6 718. There is XSS via the Name field when modifying a client.
CVE-2023-31301 1 Sesami 1 Cash Point \& Transport Optimizer 2024-02-05 N/A 6.1 MEDIUM
Stored Cross Site Scripting (XSS) Vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code and obtain sensitive information via the Username field of the login form and application log.
CVE-2023-31298 1 Sesami 1 Cash Point \& Transport Optimizer 2024-02-05 N/A 4.8 MEDIUM
Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code and obtain sensitive information via the User ID field when creating a new system user.