VYPR

gemscms POS Platform

by Aptsys

CVEs (2)

  • CVE-2025-52025Jan 23, 2026
    risk 0.00cvss epss 0.00

    An SQL Injection vulnerability exists in the GetServiceByRestaurantID endpoint of the Aptsys gemscms POS Platform backend thru 2025-05-28. The vulnerability arises because user input is directly inserted into a dynamic SQL query syntax without proper sanitization or…

  • CVE-2025-52026Jan 23, 2026
    risk 0.00cvss epss 0.00

    An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform thru 2025-05-28. This unauthenticated endpoint returns a list of cashier accounts, including names, email addresses, usernames, and passwords hashed…