VYPR

e-TMS

by AndSoft

CVEs (40)

  • CVE-2025-59754Oct 2, 2025
    risk 0.00cvss epss 0.00

    Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo,…

  • CVE-2025-59753Oct 2, 2025
    risk 0.00cvss epss 0.00

    Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo,…

  • CVE-2025-59752Oct 2, 2025
    risk 0.00cvss epss 0.00

    Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo,…

  • CVE-2025-59751Oct 2, 2025
    risk 0.00cvss epss 0.00

    Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo,…

  • CVE-2025-59750Oct 2, 2025
    risk 0.00cvss epss 0.00

    Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo,…

  • CVE-2025-59749Oct 2, 2025
    risk 0.00cvss epss 0.00

    Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l' parameter in…

  • CVE-2025-59748Oct 2, 2025
    risk 0.00cvss epss 0.00

    Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l' and 'reset'…

  • CVE-2025-59747Oct 2, 2025
    risk 0.00cvss epss 0.00

    Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l' parameter in…

  • CVE-2025-59746Oct 2, 2025
    risk 0.00cvss epss 0.00

    Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'm' parameter…

  • CVE-2025-59745Oct 2, 2025
    risk 0.00cvss epss 0.00

    Vulnerability in the cryptographic algorithm of AndSoft's e-TMS v25.03, which uses MD5 to encrypt passwords. MD5 is a cryptographically vulnerable hash algorithm and is no longer considered secure for storing or transmitting passwords. It is vulnerable to collision attacks and…

  • CVE-2025-59744Oct 2, 2025
    risk 0.00cvss epss 0.00

    Path traversal vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to access files only within the web root using the “docurl” parameter in “/lib/asp/DOCSAVEASASP.ASP”.

  • CVE-2025-59743Oct 2, 2025
    risk 0.00cvss epss 0.00

    SQL injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability could allow an attacker to retrieve, create, update, and delete databases by sending a POST request. The relationship between parameter and assigned identifier is a 'SessionID' cookie in…

  • CVE-2025-59742Oct 2, 2025
    risk 0.00cvss epss 0.00

    SQL injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability could allow an attacker to retrieve, create, update, and delete databases by sending a POST request. The relationship between parameter and assigned identifier is a 'USRMAIL' parameter…

  • CVE-2025-59741Oct 2, 2025
    risk 0.00cvss epss 0.01

    Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned identifier is a 'm' parameter in…

  • CVE-2025-59740Oct 2, 2025
    risk 0.00cvss epss 0.01

    Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned identifier is a 'm' parameter in…

  • CVE-2025-59739Oct 2, 2025
    risk 0.00cvss epss 0.01

    Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned identifier is a 'm' parameter in…

  • CVE-2025-59738Oct 2, 2025
    risk 0.00cvss epss 0.01

    Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned identifier is a 'm' parameter in…

  • CVE-2025-59737Oct 2, 2025
    risk 0.00cvss epss 0.01

    Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned identifier is a 'm' parameter in…

  • CVE-2025-59736Oct 2, 2025
    risk 0.00cvss epss 0.01

    Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned identifier is a 'm' parameter in…

  • CVE-2025-59735Oct 2, 2025
    risk 0.00cvss epss 0.02

    Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameter and assigned identifier is a 'm' parameter in…

Page 2 of 2