AndSoft e-TMS Cross-Site Scripting Vulnerability (CNVD-2025-23541)

AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn in the file...

CVE-2025-59753

The CVE-2025-59753 entries describe a reflected Cross-Site Scripting (XSS) vulnerability in AndSoft e-TMS v25.03. The issue stems from insufficient filtering/escaping of user-supplied data in parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn within /clt/LOGINFRM_BET.ASP, allowing an attacker ...