GCVE - cpe:2.3:a:abacre:retail_point_of_sale:14.0.0.396:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:abacre:retail_point_of_sale:14.0.0.396:*:*:*:*:*:*:*

part: a version: 14.0.0.396 update: *

Vendor	Abacre (`3076a901-e7f2-5c8c-a83b-159631b767b8`)
Product	Retail Point Of Sale (`5f499026-e9e1-5fff-a018-171d6bc33a56`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2025-67263`	vulnerable	2026-06-03 15:11:01.469444	Details available Abacre Retail Point of Sale 14.0.0.396 is affected by a stored cross-site scripting (XSS) vulnerability in the Clients module. The application fails to properly sanitize user-supplied input stored in the Name and Surname fields. An attacker can insert malicious HTML or script content into these fields, which, persisted in the database. Published: 2026-01-20T00:00:00.000Z Updated: 2026-01-20T18:53:28.009Z Open on db.gcve.eu Reference links https://www.abacre.com/retailpointofsale/ https://packetstorm.news/files/id/214045/	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-67261`	vulnerable	2026-06-03 15:11:01.468992	Details available Abacre Retail Point of Sale 14.0.0.396 is vulnerable to content-based blind SQL injection. The vulnerability exists in the Search function of the Orders page. Published: 2026-01-20T00:00:00.000Z Updated: 2026-01-21T16:38:37.574Z Open on db.gcve.eu Reference links https://www.abacre.com/retailpointofsale/ https://packetstorm.news/files/id/214046/	Imported from gcve-enriched-dumps CVE data

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.