CVE-2025-40665

Publication date

2025-05-26 12:48:08

Family

INCIBE

State

PUBLISHED

Description

Time-based blind SQL injection vulnerabilities in TCMANs GIM v11. These allow an attacker to retrieve, create, update and delete databases through ArbolID parameter in /GIMWeb/PC/frmCorrectivosList.aspx.