2025-10-02 14:13:38
INCIBE
PUBLISHED
SQL injection vulnerability in AndSofts e-TMS v25.03. This vulnerability could allow an attacker to retrieve, create, update, and delete databases by sending a POST request. The relationship between parameter and assigned identifier is a SessionID cookie in /inc/connect/CONNECTION.ASP.