Filtered by vendor Tms
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-69612 | 1 Tms | 1 Management Console | 2026-01-23 | 6.5 Medium |
| A path traversal vulnerability exists in TMS Management Console (version 6.3.7.27386.20250818) from TMS Global Software. The "Download Template" function in the profile dashboard does not neutralize directory traversal sequences (../) in the filePath parameter, allowing authenticated users to read arbitrary files, such as the server's Web.config. | ||||
| CVE-2025-69828 | 1 Tms | 1 Management Console | 2026-01-23 | 10 Critical |
| File Upload vulnerability in TMS Global Software TMS Management Console v.6.3.7.27386.20250818 allows a remote attacker to execute arbitrary code via the Logo upload in /Customer/AddEdit | ||||
Page 1 of 1.