exploitDog

GHSA-q548-2h6c-v2mf

Опубликовано: 26 мая 2025

Источник: github

Github: Не прошло ревью

CVSS4: 8.7

CVSS3: 9.8

Описание

Time-based blind SQL injection vulnerabilities in TCMAN's GIM v11. These allow an attacker to retrieve, create, update and delete databases through ArbolID parameter in /GIMWeb/PC/frmCorrectivosList.aspx.

Time-based blind SQL injection vulnerabilities in TCMAN's GIM v11. These allow an attacker to retrieve, create, update and delete databases through ArbolID parameter in /GIMWeb/PC/frmCorrectivosList.aspx.

Ссылки

EPSS

Процентиль: 12%

0.00042

Низкий

8.7 High

CVSS4

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2025-40665

CVSS3: 9.8

nvd

9 месяцев назад

Time-based blind SQL injection vulnerabilities in TCMAN's GIM v11. These allow an attacker to retrieve, create, update and delete databases through ArbolID parameter in /GIMWeb/PC/frmCorrectivosList.aspx.

EPSS

Процентиль: 12%

0.00042

Низкий

8.7 High

CVSS4

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89