CVE-2022-36276

TCMAN GIM v8.0.1 is vulnerable to a SQL injection via the 'SqlWhere' parameter inside the function 'BuscarESM'. The exploitation of this vulnerability might allow a remote attacker to directly interact with the database...

Sql injection

TCMAN GIM v8.0.1 is vulnerable to a SQL injection via the 'SqlWhere' parameter inside the function 'BuscarESM'. The exploitation of this vulnerability might allow a remote attacker to directly interact with the database...

TCMAN GIM SQL Injection Vulnerability

TCMAN GIM is a CMMS from TCMAN that can be used in a variety of areas: industry, facilities, healthcare, fleet and maintenance services. A SQL injection vulnerability exists in TCMAN GIM v8.0.1, which can be exploited by remote attackers to interact directly with the database via the SqlWhere...

PT-2023-13468 · Tcman Gim · Tcman Gim

Name of the Vulnerable Software and Affected Versions: TCMAN GIM version 8.0.1 Description: The issue is related to a SQL injection vulnerability via the SqlWhere parameter inside the BuscarESM function. This could allow a remote attacker to directly interact with the database. Recommendations: F...