CNNVD-202510-328 Information

CNNVD ID

CNNVD-202510-328

Related CVE

CVE-2025-59744

• CNNVD Published: 2025-10-02

Description (Chinese)

AndSoft e-TMS是西班牙AndSoft公司的一款物流管理软件。 AndSoft e-TMS 25.03版本存在路径遍历漏洞，该漏洞源于docurl参数容易受到路径遍历攻击，可能导致访问web根目录内文件。

Description (English)

AndSoft e-TMS is a logistics management software for AndSoft in Spain. AndSoft e-TMS 25.03 has a loophole in the path, which stems from the fact that the docurl parameter is vulnerable to routing, which may lead to access to the documents in the web root directory.

Hazard Level

Medium

Vulnerability Type

路径遍历

Affected Vendor

AndSoft

Published

2025-10-02

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/update-24092025-multiple-vulnerabilities-andsofts-e-tms

Patch

https://andsoft.es/es/solucio-1/menu-1/caracteristicas.html