CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AndSoft e-TMS v25.03 is affected by a reflected Cross-Site Scripting (XSS) vulnerability. The issue arises from lack of proper filtering/escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn within the /clt/LOGINFRM_VON.ASP endpoint, enabling an attacker to c...

6.1CVSS6.1AI score0.00025EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2025/10/02 12:0 a.m.•3 views

PT-2025-40378

Name of the Vulnerable Software and Affected Versions AndSoft e-TMS version 25.03 Description A cross-site scripting XSS issue exists that allows an attacker to execute JavaScript code in a victim’s browser. This is achieved by sending a malicious URL. The vulnerability is reflected in the...

6.1CVSS6.2AI score0.00025EPSS

Exploits0References3

Positive Technologies•added 2025/10/02 12:0 a.m.•2 views

PT-2025-40380

Name of the Vulnerable Software and Affected Versions AndSoft e-TMS version 25.03 Description A cross-site scripting issue exists that could allow an attacker to execute JavaScript code in a user's browser. This is achieved by sending a malicious URL to a victim. The vulnerability is reflected in...

6.1CVSS6.5AI score0.00025EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by