PT-2025-24428 · Tcman · Tcman'S Gim

Name of the Vulnerable Software and Affected Versions: TCMAN's GIM version 11 Description: The issue is related to an incorrect authorization vulnerability. This vulnerability allows an attacker with a low privilege level to change the password of other users through a POST request using the...

PT-2025-22900 · Tcman · Tcman'S Gim

Name of the Vulnerable Software and Affected Versions: TCMAN's GIM version 11 Description: A missing authorization vulnerability in TCMAN's GIM allows an authenticated attacker to access any functionality of the application, even when they are not available through the user interface. To exploit...

PT-2025-22898 · Tcman · Tcman'S Gim

Name of the Vulnerable Software and Affected Versions: TCMAN's GIM version 11 Description: The issue concerns time-based blind SQL injection vulnerabilities. These vulnerabilities allow an attacker to retrieve, create, update, and delete databases through the ArbolID parameter in the...

CVE-2025-40622 Multiple vulnerabilities in TCMAN's GIM

SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the database. This vulnerability was found in each of the following parameters according to the vulnerability identifier ‘username’...

PT-2025-19916 · Tcman · Tcman'S Gim

Name of the Vulnerable Software and Affected Versions: TCMAN's GIM version 11 Description: This issue allows an unauthenticated attacker to inject an SQL statement to obtain, update, and delete all information in the database. The vulnerability is found in the User parameter of the...

PT-2025-19918 · Tcman · Tcman'S Gim

Name of the Vulnerable Software and Affected Versions: TCMAN's GIM version 11 Description: This issue allows an unauthenticated attacker to inject an SQL statement to obtain, update, and delete all information in the database. The vulnerability is found in the username parameter of the...