Vulnerabilities > Tcman > GIM > 8.0.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-04 | CVE-2022-36276 | SQL Injection vulnerability in Tcman GIM 8.0.1 TCMAN GIM v8.0.1 is vulnerable to a SQL injection via the 'SqlWhere' parameter inside the function 'BuscarESM'. | 9.8 |
2023-10-04 | CVE-2022-36277 | Cross-site Scripting vulnerability in Tcman GIM 8.0.1 The 'sReferencia', 'sDescripcion', 'txtCodigo' and 'txtDescripcion' parameters, in the frmGestionStock.aspx and frmEditServicio.aspx files in TCMAN GIM v8.0.1, could allow an attacker to perform persistent XSS attacks. | 6.1 |
2022-02-11 | CVE-2021-4046 | Cross-site Scripting vulnerability in Tcman GIM 8.0.1/8.01 The m_txtNom y m_txtCognoms parameters in TCMAN GIM v8.01 allow an attacker to perform persistent XSS attacks. | 5.4 |