6 matches found
CVE-2025-67261
Abacre Retail Point of Sale 14.0.0.396 is vulnerable to content-based blind SQL injection. The vulnerability exists in the Search function of the Orders page...
CVE-2025-67263
Abacre Retail Point of Sale 14.0.0.396 is affected by a stored cross-site scripting XSS vulnerability in the Clients module. The application fails to properly sanitize user-supplied input stored in the Name and Surname fields. An attacker can insert malicious HTML or script content into these...
Abacre Retail Point of Sale security vulnerability
Abacre Retail Point of Sale is a new generation retail management software developed by the Canadian company Abacre. Version 14.0.0.396 of Abacre Retail Point of Sale contains a security vulnerability. This vulnerability arises from improper cleaning of user inputs stored in fields for names and...
Abacre Retail Point of Sale security vulnerability
Abacre Retail Point of Sale is a new generation retail management software developed by the Canadian company Abacre. Version 14.0.0.396 of Abacre Retail Point of Sale contains a security vulnerability, which stems from a content-based blind SQL injection vulnerability in the order search function...
CVE-2025-67263
CVE-2025-67263 affects Abacre Retail Point of Sale 14.0.0.396 in the Clients module. The vulnerability is a stored XSS caused by failing to properly sanitize user-supplied input in the Name and Surname fields, which is persisted in the database. An attacker can inject HTML or script content that ...
CVE-2025-67261
CVE-2025-67261 affects Abacre Retail Point of Sale 14.0.0.396. The issue is a content-based blind SQL injection in the Orders page > Search function. Technical evidence shows exploit payloads attempting to infer database structure (e.g., existence of Client table via EXISTS(SELECT 1 FROM Clien...