Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

RedhatCVE
RedhatCVEadded 2025/12/03 2:2 p.m.4 views

CVE-2025-41012

Unauthorized access vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an unauthenticated attacker to determine whether a user exists on the system by using the 'pda:userId' and 'pda:newPassword' parameters with 'soapaction UnlockUser’ in '/WS/PDAWebService.asmx'...

8.7CVSS6.9AI score0.0021EPSS
Exploits0References1
OSV
OSVadded 2025/12/02 1:15 p.m.6 views

CVE-2025-41012

Unauthorized access vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an unauthenticated attacker to determine whether a user exists on the system by using the 'pda:userId' and 'pda:newPassword' parameters with 'soapaction UnlockUser’ in '/WS/PDAWebService.asmx'...

5.3CVSS5.8AI score0.0021EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/12/02 1:12 p.m.2 views

CVE-2025-41012 Unauthorized access vulnerability in TCMAN GIM

Unauthorized access vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an unauthenticated attacker to determine whether a user exists on the system by using the 'pda:userId' and 'pda:newPassword' parameters with 'soapaction UnlockUser’ in '/WS/PDAWebService.asmx'...

8.7CVSS6.5AI score0.0021EPSS
Exploits0References1
BDU FSTEC
BDU FSTECadded 2025/04/27 12:0 a.m.6 views

The vulnerability of the UnlockUser method in the software for managing and monitoring deleted objects in telemetry and telemechanics systems of the TeleControl Server Basic allows a hacker to circumvent security restrictions and gain access to write and read arbitrary files.

The vulnerability of the UnlockUser method in software for managing and monitoring remote devices in telemetry and telemechanics systems related to the lack of security measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to bypass security...

9CVSS5.8AI score0.00604EPSS
Exploits0References2Affected Software1
OSV
OSVadded 2025/04/16 6:16 p.m.2 views

CVE-2025-32844

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UnlockUser' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and writ...

8.7CVSS5.8AI score0.00604EPSS
Exploits0References1
CNNVD
CNNVDadded 2025/04/16 12:0 a.m.3 views

Siemens TeleControl Server Basic SQL注入漏洞

Siemens TeleControl Server Basic is an industrial remote controller from Siemens, Germany. Siemens TeleControl Server Basic suffers from an SQL injection vulnerability that originates from an internal method, UnlockUser, which can be exploited by an attacker to bypass authorization controls and...

8.8CVSS8.5AI score0.00604EPSS
Exploits0References2
Rows per page
Query Builder