3 matches found
CVE-2025-59738
creationtimestamp| type| source ---|---|--- 2025-10-02 15:03:40+00:00| seen| https://gist.github.com/Darkcrai86/27c1013a919b4720e51b434d7a5ef5be...
CVE-2025-59738
Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned identifier is a 'm' parameter in '/clt/LOGINFRMBET.ASP'...
CVE-2025-59738
AndSoft e-TMS v25.03 contains an OS command-injection vulnerability. The flaw originates from the misuse of the m parameter in the /clt/LOGINFRM_BET.ASP endpoint, exploitable via a POST request to run operating-system commands on the server. Public advisories (NVD, CNVD/CNNVD, CIRCL/CVE) confirm ...