AndSoft e-TMS 命令注入漏洞

AndSoft e-TMS is a logistics management software from AndSoft Spain. AndSoft e-TMS suffers from an operating system command injection vulnerability that originates from a misuse of the parameter m in the file /clt/LOGINFRMCAT.ASP, which can be exploited by an attacker to execute operating system...

PT-2025-40368

Name of the Vulnerable Software and Affected Versions AndSoft e-TMS version 25.03 Description A reflected cross-site scripting XSS issue exists in AndSoft e-TMS version 25.03. This allows an attacker to execute JavaScript code within a user's browser by sending a crafted URL. The vulnerability is...