Vendor
Abacre
Products
2
CVEs
3
Across products
3
Status
Private
Products
2- 2 CVEs
- 1 CVE
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-67263 | 0.00 | — | 0.00 | Jan 20, 2026 | Abacre Retail Point of Sale 14.0.0.396 is affected by a stored cross-site scripting (XSS) vulnerability in the Clients module. The application fails to properly sanitize user-supplied input stored in the Name and Surname fields. An attacker can insert malicious HTML or script content into these fields, which, persisted in the database. | |||
| CVE-2025-67261 | 0.00 | — | 0.00 | Jan 20, 2026 | Abacre Retail Point of Sale 14.0.0.396 is vulnerable to content-based blind SQL injection. The vulnerability exists in the Search function of the Orders page. | |||
| CVE-2025-65320 | 0.00 | — | 0.00 | Dec 3, 2025 | Abacre Restaurant Point of Sale (POS) up to 15.0.0.1656 are vulnerable to Cleartext Storage of Sensitive Information in Memory. The application leaves valid device-bound license keys in process memory during an activation attempt. |
- CVE-2025-67263Jan 20, 2026risk 0.00cvss —epss 0.00
Abacre Retail Point of Sale 14.0.0.396 is affected by a stored cross-site scripting (XSS) vulnerability in the Clients module. The application fails to properly sanitize user-supplied input stored in the Name and Surname fields. An attacker can insert malicious HTML or script content into these fields, which, persisted in the database.
- CVE-2025-67261Jan 20, 2026risk 0.00cvss —epss 0.00
Abacre Retail Point of Sale 14.0.0.396 is vulnerable to content-based blind SQL injection. The vulnerability exists in the Search function of the Orders page.
- CVE-2025-65320Dec 3, 2025risk 0.00cvss —epss 0.00
Abacre Restaurant Point of Sale (POS) up to 15.0.0.1656 are vulnerable to Cleartext Storage of Sensitive Information in Memory. The application leaves valid device-bound license keys in process memory during an activation attempt.