Gim Security Vulnerabilities and Issues — Gim CVE List

Lucene search

TcmanGim

3 matches found

CVE•added 2025/06/09 1:15 p.m.•42 views

CVE-2025-40668

Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an attacker, with low privilege level, to change the password of other users through a POST request using the parameters idUser, PasswordActual, PasswordNew and PasswordNewRepeat in /PC/WebService.aspx/validateChang...

7.1CVSS6.7AI score0.0005EPSS

CVE•added 2025/06/09 1:15 p.m.•41 views

CVE-2025-40669

Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an unprivileged attacker to modify the permissions held by each of the application's users, including the user himself by sending a POST request to /PC/Options.aspx?Command=2&Page=-1.

7.1CVSS6.4AI score0.00041EPSS

CVE•added 2025/06/09 1:15 p.m.•40 views

CVE-2025-40670

Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an unprivileged attacker to create a user and assign it many privileges by sending a POST request to /PC/frmGestionUser.aspx/updateUser.

7.1CVSS6.5AI score0.0005EPSS