Lucene search
K

6 matches found

CNVD
CNVD
added 2025/10/13 12:0 a.m.2 views

AndSoft e-TMS OS Command Injection Vulnerability (CNVD-2025-23563)

AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from an operating system command injection vulnerability that originates from a misuse of parameter m in file /clt/LOGINFRMoriginal.ASP, which can be exploited by an attacker to execute operating system...

9.8CVSS8AI score0.01416EPSS
Exploits0References1
OSV
OSV
added 2025/10/02 3:15 p.m.5 views

CVE-2025-59759

Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...

6.1CVSS5.9AI score0.00181EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/10/02 2:42 p.m.2 views

CVE-2025-59771 Multiple vulnerabilities in AndSoft's e-TMS

Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...

5.1CVSS6.1AI score0.00181EPSS
Exploits0References1
NVD
NVD
added 2025/10/02 2:15 p.m.7 views

CVE-2025-59735

Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned identifier is a 'm' parameter in '/clt/LOGINFRM.ASP'...

9.8CVSS0.01536EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/02 12:0 a.m.5 views

PT-2025-40355

Name of the Vulnerable Software and Affected Versions AndSoft e-TMS version 25.03 Description An operating system command injection issue exists in AndSoft e-TMS version 25.03. This allows an attacker to execute operating system commands on the server. The issue is triggered by sending a POST...

9.8CVSS7.7AI score0.01536EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/10/02 12:0 a.m.9 views

PT-2025-40358

Name of the Vulnerable Software and Affected Versions AndSoft e-TMS version 25.03 Description An operating system command injection issue exists in AndSoft e-TMS version 25.03. This allows an attacker to execute operating system commands on the server. The issue is triggered by sending a POST...

9.8CVSS7.4AI score0.01416EPSS
Exploits0References6
Rows per page
Query Builder