20 matches found

EUVD
added 2025/10/03 8:7 p.m., 7 views

EUVD-2025-17458

Malicious code in bioql PyPI...

CVSS 7.1 | AI score 6.6 | EPSS 0.00233
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2025-13579

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 6.6 | EPSS 0.00361
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:7 p.m., 6 views

EUVD-2025-13582

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 6.6 | EPSS 0.00361
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2025-13575

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 6.6 | EPSS 0.00588
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2025-13573

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 6.6 | EPSS 0.00361
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:7 p.m., 6 views

EUVD-2025-17457

Malicious code in bioql PyPI...

CVSS 7.1 | AI score 6.6 | EPSS 0.00214
Exploits: 0 | References: 2

NVD
added 2025/06/09 1:15 p.m., 14 views

CVE-2025-40668

Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an attacker, with low privilege level, to change the password of other users through a POST request using the parameters idUser, PasswordActual, PasswordNew and PasswordNewRepeat in...

CVSS 7.1 | EPSS 0.00233
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/28 1:46 p.m., 14 views

CVE-2025-40665

Time-based blind SQL injection vulnerabilities in TCMAN's GIM v11. These allow an attacker to retrieve, create, update and delete databases through ArbolID parameter in /GIMWeb/PC/frmCorrectivosList.aspx...

CVSS 8.7 | AI score 8.1 | EPSS 0.00315
Exploits: 0 | References: 1

NVD
added 2025/05/26 1:15 p.m., 13 views

CVE-2025-40666

Time-based blind SQL injection vulnerabilities in TCMAN's GIM v11. These allow an attacker to retrieve, create, update and delete databases through ArbolID parameter in /GIMWeb/PC/frmPreventivosList.aspx...

CVSS 9.8 | EPSS 0.00315
Exploits: 0 | References: 1

Cvelist
added 2025/05/26 12:48 p.m., 15 views

CVE-2025-40666 Time-based blind SQL injection vulnerability in TCMAN GIM v11

Time-based blind SQL injection vulnerabilities in TCMAN's GIM v11. These allow an attacker to retrieve, create, update and delete databases through ArbolID parameter in /GIMWeb/PC/frmPreventivosList.aspx...

CVSS 8.7 | EPSS 0.00315
Exploits: 0 | References: 1

CVE
added 2025/05/26 12:48 p.m., 75 views

CVE-2025-40666

CVE-2025-40666 affects TCMAN GIM v11. The vulnerability arises from time-based blind SQL injection via the ArbolID parameter in /GIMWeb/PC/frmPreventivosList.aspx, allowing an attacker to retrieve, create, update, and delete databases as described across multiple sources. Impact is high (confiden...

CVSS 9.8 | AI score 8.1 | EPSS 0.00315
Exploits: 0 | References: 1 | Affected Software: 1

Vulnrichment
added 2025/05/26 12:48 p.m., 6 views

CVE-2025-40665 Time-based blind SQL injection vulnerability in TCMAN GIM v11

Time-based blind SQL injection vulnerabilities in TCMAN's GIM v11. These allow an attacker to retrieve, create, update and delete databases through ArbolID parameter in /GIMWeb/PC/frmCorrectivosList.aspx...

CVSS 8.7 | AI score 8.1 | EPSS 0.00315
Exploits: 0 | References: 1

Vulnrichment
added 2025/05/26 12:47 p.m., 7 views

CVE-2025-40664 Missing authentication vulnerability in TCMAN GIM v11

Missing authentication vulnerability in TCMAN GIM v11. This allows an unauthenticated attacker to access the resources /frmGestionUser.aspx/GetData, /frmGestionUser.aspx/updateUser and /frmGestionUser.aspx/DeleteUser...

CVSS 9.3 | AI score 7.2 | EPSS 0.00486
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/08 1:19 p.m., 20 views

CVE-2025-40622

SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the database. This vulnerability was found in each of the following parameters according to the vulnerability identifier ‘username’...

CVSS 9.8 | AI score 7.3 | EPSS 0.00361
Exploits: 0 | References: 3

RedhatCVE
added 2025/05/08 1:19 p.m., 22 views

CVE-2025-40625

Unrestricted file upload in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to upload any file within the server, even a malicious file to obtain a Remote Code Execution RCE...

CVSS 9.8 | AI score 7.2 | EPSS 0.00588
Exploits: 0 | References: 3

RedhatCVE
added 2025/05/08 1:19 p.m., 18 views

CVE-2025-40621

SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the database. This vulnerability was found in each of the following parameters according to the vulnerability identifier ‘User’...

CVSS 9.8 | AI score 7.3 | EPSS 0.00361
Exploits: 0 | References: 3

OSV
added 2025/05/06 11:15 a.m., 6 views

CVE-2025-40621

SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the database. This vulnerability was found in each of the following parameters according to the vulnerability identifier ‘User’...

CVSS 9.8 | AI score 5.8 | EPSS 0.00361
Exploits: 0 | References: 1

CVE
added 2025/05/06 10:41 a.m., 61 views

CVE-2025-40624

TCMAN’s GIM v11 is affected by a SQL injection in the updatePassword endpoint, exploitable by an unauthenticated attacker via the vulnerable parameters User and email. The root cause is unvalidated input leading to the ability to obtain, update, and delete all information in the database. The vu...

CVSS 9.8 | AI score 7.3 | EPSS 0.00361
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2025/05/06 10:41 a.m., 59 views

CVE-2025-40623

CVE-2025-40623 describes an SQL injection in TCMAN's GIM v11. The vulnerability affects the createNotificationAndroid endpoint, specifically the Sender and email parameters, allowing an unauthenticated attacker to obtain, update, or delete all information in the database. Root cause: injectable S...

CVSS 9.8 | AI score 7.3 | EPSS 0.00361
Exploits: 0 | References: 1 | Affected Software: 1

CVE
added 2025/05/06 10:39 a.m., 60 views

CVE-2025-40620

CVE-2025-40620 affects TCMAN’s GIM v11, with a SQL injection in the ValidateUserAndWS endpoint’s User parameter. An unauthenticated attacker can inject SQL to obtain, update, and delete all information in the database, impacting confidentiality, integrity, and availability (per CVSS vectors). No ...

CVSS 9.8 | AI score 7.3 | EPSS 0.00361
Exploits: 0 | References: 1 | Affected Software: 1