cbcvebase.

Tcman Gim vulnerabilities

24 known vulnerabilities affecting tcman/gim.

Total CVEs
24
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL12HIGH5MEDIUM7

Vulnerabilities

Page 2 of 2
CVE-2025-41012P3MEDIUMCVSS 5.3fixed in 2025-04-01fixed in 202503042025-12-02
CVE-2025-41012 [MEDIUM] CWE-862 CVE-2025-41012: Unauthorized access vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an un Unauthorized access vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an unauthenticated attacker to determine whether a user exists on the system by using the 'pda:userId' and 'pda:newPassword' parameters with 'soapaction UnlockUser’ in '/WS/PDAWebService.asmx'.
nvd
CVE-2022-36277P4MEDIUMCVSS 6.1v8.0.1vv8.0.12023-10-04
CVE-2022-36277 [MEDIUM] CWE-79 CVE-2022-36277: The 'sReferencia', 'sDescripcion', 'txtCodigo' and 'txtDescripcion' parameters, in the frmGestionSto The 'sReferencia', 'sDescripcion', 'txtCodigo' and 'txtDescripcion' parameters, in the frmGestionStock.aspx and frmEditServicio.aspx files in TCMAN GIM v8.0.1, could allow an attacker to perform persistent XSS attacks.
nvd
CVE-2021-40852P4MEDIUMCVSS 6.1v8.0v11.02021-12-17
CVE-2021-40852 [MEDIUM] CWE-601 CVE-2021-40852: TCMAN GIM is affected by an open redirect vulnerability. This vulnerability allows the redirection o TCMAN GIM is affected by an open redirect vulnerability. This vulnerability allows the redirection of user navigation to pages controlled by the attacker. The exploitation of this vulnerability might allow a remote attacker to obtain information.
nvd
CVE-2021-4046P4MEDIUMCVSS 5.4v8.0.1v8.012022-02-11
CVE-2021-4046 [MEDIUM] CWE-79 CVE-2021-4046: The m_txtNom y m_txtCognoms parameters in TCMAN GIM v8.01 allow an attacker to perform persistent XS The m_txtNom y m_txtCognoms parameters in TCMAN GIM v8.01 allow an attacker to perform persistent XSS attacks. This vulnerability could be used to carry out a number of browser-based attacks including browser hijacking or theft of sensitive data.
nvd
Tcman Gim vulnerabilities | cvebase