Lucene search
+L

71 matches found

nvd
nvd
added 2025/10/02 3:15 p.m.6 views

CVE-2025-59773

Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...

6.1CVSS0.00181EPSS
Exploits0References1
osv
osv
added 2025/10/02 3:15 p.m.3 views

CVE-2025-59766

Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...

6.1CVSS5.9AI score0.00181EPSS
Exploits0References1
osv
osv
added 2025/10/02 3:15 p.m.4 views

CVE-2025-59769

Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...

6.1CVSS5.9AI score0.00181EPSS
Exploits0References1
osv
osv
added 2025/10/02 3:15 p.m.7 views

CVE-2025-59765

Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...

6.1CVSS5.9AI score0.00181EPSS
Exploits0References1
nvd
nvd
added 2025/10/02 3:15 p.m.20 views

CVE-2025-59763

Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...

6.1CVSS0.00181EPSS
Exploits0References1
osv
osv
added 2025/10/02 3:15 p.m.4 views

CVE-2025-59753

Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...

6.1CVSS5.9AI score0.00181EPSS
Exploits0References1
osv
osv
added 2025/10/02 3:15 p.m.6 views

CVE-2025-59751

Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...

6.1CVSS5.9AI score0.00181EPSS
Exploits0References1
osv
osv
added 2025/10/02 3:15 p.m.4 views

CVE-2025-59755

Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...

6.1CVSS5.9AI score0.00181EPSS
Exploits0References1
nvd
nvd
added 2025/10/02 3:15 p.m.20 views

CVE-2025-59755

Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...

6.9CVSS0.00181EPSS
Exploits0References1
osv
osv
added 2025/10/02 3:15 p.m.7 views

CVE-2025-59757

Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...

6.1CVSS5.9AI score0.00181EPSS
Exploits0References1
osv
osv
added 2025/10/02 3:15 p.m.7 views

CVE-2025-59750

Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...

6.1CVSS5.9AI score0.00181EPSS
Exploits0References1
cve
cve
added 2025/10/02 2:46 p.m.31 views

CVE-2025-59772

AndSoft e-TMS v25.03 is affected by a reflected XSS vulnerability in the /clt/LOGINFRM_SIL.ASP endpoint. The issue arises from lack of proper filtering/escaping of user-supplied data in the parameters l, demo, demo2, TNTLOGIN, UO, and SuppConn, allowing an attacker to execute JavaScript in a vict...

6.1CVSS6.1AI score0.00181EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2025/10/02 2:38 p.m.3 views

CVE-2025-59767 Multiple vulnerabilities in AndSoft's e-TMS

Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...

5.1CVSS6.1AI score0.00181EPSS
Exploits0References1
cvelist
cvelist
added 2025/10/02 2:37 p.m.11 views

CVE-2025-59765 Multiple vulnerabilities in AndSoft's e-TMS

Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...

5.1CVSS0.00181EPSS
Exploits0References1
cve
cve
added 2025/10/02 2:36 p.m.16 views

CVE-2025-59764

AndSoft e-TMS v25.03 has a reflected XSS vulnerability in the LOGINFRM_FCC.ASP endpoint, caused by insufficient filtering/escaping of user-supplied data in the l, demo, demo2, TNTLOGIN, UO and SuppConn parameters. An attacker can entice a user to visit a crafted URL to execute JavaScript in the v...

6.1CVSS6.1AI score0.00181EPSS
Exploits0References1Affected Software1
cve
cve
added 2025/10/02 2:35 p.m.12 views

CVE-2025-59762

CVE-2025-59762 is a reflected XSS in AndSoft e-TMS v25.03. The vulnerability stems from insufficient validation of the parameters l, demo, demo2, TNTLOGIN, UO and SuppConn in /clt/LOGINFRM_DLG.ASP, enabling an attacker to inject JavaScript via a malicious URL. Documented across NVD/CVE records an...

6.1CVSS6.1AI score0.00181EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2025/10/02 2:30 p.m.12 views

CVE-2025-59757 Multiple vulnerabilities in AndSoft's e-TMS

Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...

5.1CVSS6.1AI score0.00181EPSS
Exploits0References1
cve
cve
added 2025/10/02 2:27 p.m.18 views

CVE-2025-59755

CVE-2025-59755 traces to an XSS in AndSoft e-TMS v25.03. The vulnerability is a reflected XSS caused by lack of proper filtering/escaping for parameters l, demo, demo2, TNTLOGIN, UO, SuppConn in /clt/LOGINFRM_CAT.ASP, enabling JavaScript execution via a malicious URL. Connected reports from CNVD/...

6.9CVSS6.1AI score0.00181EPSS
Exploits0References1Affected Software1
cve
cve
added 2025/10/02 2:26 p.m.16 views

CVE-2025-59754

AndSoft e-TMS v25.03 is affected by an XSS vulnerability that is reflected via the endpoints in file /clt/LOGINFRM_original.ASP. The vulnerability arises from insufficient input filtering/escaping for the parameters l , demo , demo2 , TNTLOGIN , UO , and SuppConn , allowing an attacker to cause J...

6.1CVSS6.1AI score0.00192EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2025/10/02 2:25 p.m.11 views

CVE-2025-59753 Multiple vulnerabilities in AndSoft's e-TMS

Cross-site scripting XSS vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...

5.1CVSS0.00181EPSS
Exploits0References1
Rows per page
Query Builder