VYPR
Critical severity9.8NVD Advisory· Published May 6, 2025· Updated Jun 17, 2026

CVE-2025-40622

CVE-2025-40622

Description

SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the database. This vulnerability was found in each of the following parameters according to the vulnerability identifier ‘username’ parameter of the ‘GetLastDatePasswordChange’ endpoint.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • TCMAN/GIMllm-fuzzy2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: v11

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.