2025-10-02 14:03:54
INCIBE
PUBLISHED
Operating system command injection vulnerability in AndSofts e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned identifier is a m parameter in /clt/LOGINFRM_original.ASP.