CVE-2026-32888

{"id": "CVE-2026-32888", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}]}, "published": "2026-03-20T03:15:59.707", "references": [{"url": "https://github.com/opensourcepos/opensourcepos/security/advisories/GHSA-hmjv-wm3j-pfhw", "tags": ["Exploit", "Vendor Advisory", "Patch"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "Open Source Point of Sale is a web based point-of-sale application written in PHP using CodeIgniter framework. Versions contain an SQL Injection in the Items search functionality. When the custom attribute search feature is enabled (search_custom filter), user-supplied input from the search GET parameter is interpolated directly into a HAVING clause without parameterization or sanitization. This allows an authenticated attacker with basic item search permissions to execute arbitrary SQL queries. A patch did not exist at the time of publication."}, {"lang": "es", "value": "Open Source Point de Sale es una aplicaci\u00f3n de punto de venta basada en web escrita en PHP utilizando el framework CodeIgniter. Las versiones contienen una inyecci\u00f3n SQL en la funcionalidad de b\u00fasqueda de Art\u00edculos. Cuando la funci\u00f3n de b\u00fasqueda de atributos personalizados est\u00e1 habilitada (filtro search_custom), la entrada proporcionada por el usuario desde el par\u00e1metro GET de b\u00fasqueda se interpola directamente en una cl\u00e1usula HAVING sin parametrizaci\u00f3n ni saneamiento. Esto permite a un atacante autenticado con permisos b\u00e1sicos de b\u00fasqueda de art\u00edculos ejecutar consultas SQL arbitrarias. No exist\u00eda un parche en el momento de la publicaci\u00f3n."}], "lastModified": "2026-04-08T20:54:00.880", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:opensourcepos:open_source_point_of_sale:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A212E29B-410C-462B-AA6F-CF02175A6913", "versionEndIncluding": "3.4.2"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}