2 matches found
CVE-2025-59741
AndSoft e-TMS v25.03 suffers an OS command injection that can be triggered by sending a POST request to /CLT/LOGINERRORFRM.ASP with the m parameter. Multiple connected sources (CNVD-2025-23538, NVD/CVE-2025-59741, CNNVD-202510-331, PT-2025-40361) confirm the vulnerability exists and that an attac...
AndSoft e-TMS 命令注入漏洞
AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from an operating system command injection vulnerability, which is due to program misuse of parameter m in file /CLT/LOGINERRORFRM.ASP, and can be exploited by an attacker to execute operating system comman...