Aptsys Gemscms Backend — known CVE vulnerabilities
Every CVE whose affected-product data names Aptsys Gemscms Backend, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2025-52024 — CVSS 9.4 (critical): A vulnerability exists in the Aptsys POS Platform Web Services module thru 2025-05-28, which exposes internal API testing tools to…
CVE-2025-52025 — CVSS 9.4 (critical): An SQL Injection vulnerability exists in the GetServiceByRestaurantID endpoint of the Aptsys gemscms POS Platform backend thru 2025-05-28…
CVE-2025-52026 — CVSS 7.5 (high): An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform thru…
CVE-2025-52022 — CVSS 5.3 (medium): A vulnerability in the PHP backend of gemsloyalty.aptsys.com.sg thru 2025-05-28 allows unauthenticated remote attackers to trigger detailed…
CVE-2025-52023 — CVSS 5.3 (medium): A vulnerability in the PHP backend of gemscms.aptsys.com.sg thru 2025-05-28 allows unauthenticated remote attackers to trigger detailed…