Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform thru 2025-05-28. This unauthenticated endpoint returns a list of cashier accounts, including names, email addresses, usernames, and passwords hashed using MD5. As MD5 is a broken cryptographic function, the hashes can be easily reversed using public tools, exposing user credentials in plaintext. This allows remote attackers to perform unauthorized logins and potentially gain access to sensitive POS operations or backend functions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Aptsys gemscms POS Platform 安全漏洞
Vulnerability Description
Aptsys gemscms POS Platform是印度Aptsys公司的一个餐饮管理系统。 Aptsys gemscms POS Platform存在安全漏洞,该漏洞源于未经验证的端点返回使用MD5哈希的收银员凭据,可能导致凭据泄露和未经授权的登录。
CVSS Information
N/A
Vulnerability Type
N/A