CVE-2025-40620

SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the database. This vulnerability was found in each of the following parameters according to the vulnerability identifier ‘User’...

CVE-2025-40620

CVE-2025-40620 affects TCMAN’s GIM v11, with a SQL injection in the ValidateUserAndWS endpoint’s User parameter. An unauthenticated attacker can inject SQL to obtain, update, and delete all information in the database, impacting confidentiality, integrity, and availability (per CVSS vectors). No ...

CVE-2025-40620 Multiple vulnerabilities in TCMAN's GIM

SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the database. This vulnerability was found in each of the following parameters according to the vulnerability identifier ‘User’...

PT-2025-19916 · Tcman · Tcman'S Gim

Name of the Vulnerable Software and Affected Versions: TCMAN's GIM version 11 Description: This issue allows an unauthenticated attacker to inject an SQL statement to obtain, update, and delete all information in the database. The vulnerability is found in the User parameter of the...