📦 Gim
by Tcman
🔍 What is Gim?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This SQL injection vulnerability in TCMAN GIM v11 allows attackers to manipulate database queries through the 'idmant' parameter in GET requests to '/PC/frmEPIS.aspx'. Attackers can retrieve, modify, ...
CVE-2025-40664 is a missing authentication vulnerability in TCMAN GIM v11 that allows unauthenticated attackers to access user management endpoints. This enables unauthorized viewing, modification, an...
CVE-2025-40666 is a critical SQL injection vulnerability in TCMAN's GIM v11 that allows attackers to manipulate databases through the ArbolID parameter. Attackers can retrieve, create, update, and del...
An unauthenticated SQL injection vulnerability in TCMAN's GIM v11 allows attackers to execute arbitrary SQL commands through the 'User' and 'email' parameters of the 'updatePassword' endpoint. This en...
This is a critical SQL injection vulnerability in TCMAN's GIM v11 software that allows unauthenticated attackers to execute arbitrary SQL commands through the 'username' parameter of the 'GetLastDateP...
This is a critical SQL injection vulnerability in TCMAN's GIM v11 software that allows unauthenticated attackers to execute arbitrary SQL commands through the 'User' parameter. Attackers can read, mod...
CVE-2022-36276 is a critical SQL injection vulnerability in TCMAN GIM v8.0.1 that allows remote attackers to execute arbitrary SQL commands via the 'SqlWhere' parameter. This affects organizations usi...
This vulnerability allows unauthenticated attackers to determine valid usernames in TCMAN GIM v11 systems by exploiting a user enumeration flaw in the web service endpoint. Attackers can send speciall...
This vulnerability allows unauthenticated attackers to determine valid usernames in TCMAN GIM v11 systems by exploiting a user enumeration flaw in the web service endpoint. Attackers can query the sys...
An incorrect authorization vulnerability in TCMAN's GIM v11 allows unauthenticated attackers to create privileged user accounts via a POST request to /PC/frmGestionUser.aspx/updateUser. This enables p...
This vulnerability in TCMAN GIM v11 allows unauthenticated attackers to determine whether specific user accounts exist on the system by exploiting a SOAP web service endpoint. Attackers can use this i...
This vulnerability in TCMAN's GIM v11 allows unauthenticated attackers to modify user permissions via a specific POST request. Attackers can escalate privileges or disrupt access controls. All systems...