CVE-2025-59739
CVE-2025-59739 describes an OS command‑injection in AndSoft’s e‑TMS v25.03. The root cause is misuse of the m parameter in the request path /clt/LOGINFRM_original.ASP , exploitable via a POST to execute arbitrary commands on the server. Impact: potential full server compromise (as supported by CV...