Product
tcman gim
24 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2025-41015
CVE-2025-41014
CVE-2025-41013
CVE-2025-41012
CVE-2025-40670
CVE-2025-40669
CVE-2025-40668
CVE-2025-40667
CVE-2025-40666
CVE-2025-40665
CVE-2025-40664
CVE-2025-40625
CVE-2025-40624
CVE-2025-40623
CVE-2025-40622
CVE-2025-40621
CVE-2025-40620
CVE-2022-36277
CVE-2022-36276
CVE-2021-4046
CVE-2021-40853
CVE-2021-40852
CVE-2021-40851
CVE-2021-40850
< 2025-04-01
User Enumeration Vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an unauthenticated attacker to determi
< 2025-04-01
User Enumeration Vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an unauthenticated attacker to determi
< 2025-04-01
SQL injection vulnerability in TCMAN GIM v11 in version 20250304. This vulnerability allows an attacker to retrieve, create, updat
< 2025-04-01
Unauthorized access vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an unauthenticated attacker to dete
all versions
Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an unprivileged attacker to create a user and
all versions
Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an unprivileged attacker to modify the permiss
all versions
Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an attacker, with low privilege level, to chan
all versions
Missing authorization vulnerability in TCMAN's GIM v11. This allows an authenticated attacker to access any functionality of the a
all versions
Time-based blind SQL injection vulnerabilities in TCMAN's GIM v11. These allow an attacker to retrieve, create, update and delete
all versions
Time-based blind SQL injection vulnerabilities in TCMAN's GIM v11. These allow an attacker to retrieve, create, update and delete
all versions
Missing authentication vulnerability in TCMAN GIM v11. This allows an unauthenticated attacker to access the resources /frmGestion
all versions
Unrestricted file upload in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to upload any file within the s
all versions
SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, upda
all versions
SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, upda
all versions
SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, upda
all versions
SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, upda
all versions
SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, upda
all versions
The 'sReferencia', 'sDescripcion', 'txtCodigo' and 'txtDescripcion' parameters, in the frmGestionStock.aspx and frmEditServicio.as
all versions
TCMAN GIM v8.0.1 is vulnerable to a SQL injection via the 'SqlWhere' parameter inside the function 'BuscarESM'. The exploitation o
all versions
The m_txtNom y m_txtCognoms parameters in TCMAN GIM v8.01 allow an attacker to perform persistent XSS attacks. This vulnerability
all versions
TCMAN GIM does not perform an authorization check when trying to access determined resources. A remote attacker could exploit this
all versions
TCMAN GIM is affected by an open redirect vulnerability. This vulnerability allows the redirection of user navigation to pages con
all versions
TCMAN GIM is vulnerable to a lack of authorization in all available webservice methods listed in /PC/WebService.asmx. The exploita
all versions
TCMAN GIM is vulnerable to a SQL injection vulnerability inside several available webservice methods in /PC/WebService.asmx.