CyberSec.Space Logo
返回 CVE 浏览器

CVE-2021-40850

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0780%
EPSS Percentile31.84th
Published2021年12月17日
Last Modified2024年11月21日

Vulnerability Description

TCMAN GIM is vulnerable to a SQL injection vulnerability inside several available webservice methods in /PC/WebService.asmx.

Affected Platforms (CPE)

📦
Tcman

Gim

= 8.0
📦
Tcman

Gim

= 11.0

References & Advisories

🔗 https://www.incibe-cert.es/en/early-warning/security-advisories/tcman-gim-sql-injection-vulnerability
🔗 https://www.incibe-cert.es/en/early-warning/security-advisories/tcman-gim-sql-injection-vulnerability

相关漏洞威胁

CVE-2021-408517.5

TCMAN GIM is vulnerable to a lack of authorization in all available webservice methods listed in /PC/WebService.asmx. The exploita...

CVE-2021-408537.2

TCMAN GIM does not perform an authorization check when trying to access determined resources. A remote attacker could exploit this...

CVE-2021-408526.1

TCMAN GIM is affected by an open redirect vulnerability. This vulnerability allows the redirection of user navigation to pages con...

CVE-2021-40465.4

The m_txtNom y m_txtCognoms parameters in TCMAN GIM v8.01 allow an attacker to perform persistent XSS attacks. This vulnerability ...

CVE-2021-40850 Detail & Impact Analysis | CVSS 10.0 (CRITICAL) | Cyber-Sec.Space | Cyber-Sec.Space