2025-10-02 14:02:41
INCIBE
PUBLISHED
Operating system command injection vulnerability in AndSofts e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned identifier is a m parameter in /clt/LOGINFRM_LXA.ASP.