Shodan
Vulnerabilities
Vulnerable Software
Sesami:  >> Cash Point & Transport Optimizer  Security Vulnerabilities
CVE-2023-31295
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to obtain sensitive information via the User Profile field.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-12-29
CVE-2023-31300
An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to obtain sensitive information via transmission of unencrypted, cleartext credentials during Password Reset feature.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-12-29
CVE-2023-31302
Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) 6.3.8.6 (#718), allows remote attackers to execute arbitrary code via the Teller field.
CVSS Score
6.1
EPSS Score
0.003
Published
2023-12-29
CVE-2023-31299
Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code via the Barcode field of a container.
CVSS Score
6.1
EPSS Score
0.003
Published
2023-12-29
CVE-2023-31296
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows attackers to obtain sensitive information via the User Name field.
CVSS Score
5.3
EPSS Score
0.002
Published
2023-12-29
CVE-2023-31293
An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) 6.3.8.6 (#718), allows remote attackers to obtain sensitive information and bypass profile restriction via improper access control in the Reader system user's web browser, allowing the journal to be displayed, despite the option being disabled.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-12-29
CVE-2023-31294
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to obtain sensitive information via the Delivery Name field.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-12-29
CVE-2023-31298
Cross Site Scripting (XSS) vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code and obtain sensitive information via the User ID field when creating a new system user.
CVSS Score
4.8
EPSS Score
0.002
Published
2023-12-29
CVE-2023-31301
Stored Cross Site Scripting (XSS) Vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to execute arbitrary code and obtain sensitive information via the Username field of the login form and application log.
CVSS Score
6.1
EPSS Score
0.003
Published
2023-12-29
CVE-2023-31292
An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) 6.3.8.6 (#718), allows local attackers to obtain sensitive information and bypass authentication via "Back Button Refresh" attack.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-12-29


Products
Pricing
Contact Us

Shodan ® - All rights reserved