Andsoft

E-tms

40 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2025-59744

  • EPSS 0.06%
  • Published 02.10.2025 15:15:53
  • Last modified 02.10.2025 20:31:10

Path traversal vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to access files only within the web root using the “docurl” parameter in “/lib/asp/DOCSAVEASASP.ASP”.

9.8

CVE-2025-59743

  • EPSS 0.04%
  • Published 02.10.2025 15:15:53
  • Last modified 02.10.2025 20:31:17

SQL injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability could allow an attacker to retrieve, create, update, and delete databases by sending a POST request. The relationship between parameter and assigned identifier is a 'SessionID'...

9.8

CVE-2025-59742

  • EPSS 0.04%
  • Published 02.10.2025 15:15:53
  • Last modified 02.10.2025 20:30:04

SQL injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability could allow an attacker to retrieve, create, update, and delete databases by sending a POST request. The relationship between parameter and assigned identifier is a 'USRMAIL' p...

9.8

CVE-2025-59741

  • EPSS 0.39%
  • Published 02.10.2025 15:15:53
  • Last modified 02.10.2025 20:29:54

Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned identifier...

9.8

CVE-2025-59735

  • EPSS 0.39%
  • Published 02.10.2025 14:15:46
  • Last modified 02.10.2025 19:58:41

Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned identifier...

9.8

CVE-2025-59740

  • EPSS 0.39%
  • Published 02.10.2025 14:15:46
  • Last modified 02.10.2025 20:29:29

Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned identifier...

9.8

CVE-2025-59739

  • EPSS 0.39%
  • Published 02.10.2025 14:15:46
  • Last modified 02.10.2025 20:25:41

Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned identifier...

9.8

CVE-2025-59738

  • EPSS 0.39%
  • Published 02.10.2025 14:15:46
  • Last modified 02.10.2025 20:14:42

Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned identifier...

9.8

CVE-2025-59737

  • EPSS 0.39%
  • Published 02.10.2025 14:15:46
  • Last modified 02.10.2025 20:13:13

Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned identifier...

9.8

CVE-2025-59736

  • EPSS 0.39%
  • Published 02.10.2025 14:15:46
  • Last modified 02.10.2025 20:05:11

Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned identifier...