Critical severity9.8NVD Advisory· Published May 6, 2025· Updated Jun 17, 2026
CVE-2025-40620
CVE-2025-40620
Description
SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the database. This vulnerability was found in each of the following parameters according to the vulnerability identifier ‘User’ parameter of the ‘ValidateUserAndWS’ endpoint.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-tcmans-gimnvdThird Party Advisory
News mentions
0No linked articles in our index yet.