The m_txtNom y m_txtCognoms parameters in TCMAN GIM v8.01 allow an attacker to perform persistent XSS attacks. This vulnerability could be used to car...
5.4
CVSS
6 months ago
🔥
CVE-2021-40850
TCMAN GIM is vulnerable to a SQL injection vulnerability inside several available webservice methods in /PC/WebService.asmx.
TCMAN GIM is vulnerable to a lack of authorization in all available webservice methods listed in /PC/WebService.asmx. The exploitation of this vulnera...
7.5
CVSS
8 months ago
CVE-2021-40853
TCMAN GIM does not perform an authorization check when trying to access determined resources. A remote attacker could exploit this vulnerability to ac...
7.2
CVSS
8 months ago
CVE-2021-40852
TCMAN GIM is affected by an open redirect vulnerability. This vulnerability allows the redirection of user navigation to pages controlled by the attac...
6.1
CVSS
8 months ago
http://www.vicarius.io
is owned and operated by Vicarius Ltd. (the “Company”). All information contained on the
Website is purely for informational, and educational purposes and should be independently
verified and confirmed. Vicarius does not accept any liability for any loss or damage
whatsoever caused in reliance upon such information or services. No statements or information
presented in any form by Vicarius is intended as fact, and you agree that you will not
consider the statements or information presented on the Website as fact or as a guarantee of
performance.