TCMAN GIM v8.0.1 is vulnerable to a SQL injection via the 'SqlWhere' parameter inside the function 'BuscarESM'. The exploitation of this vulnerability might allow a remote attacker to directly interact with the database.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: INCIBE
Published: 2023-10-04T15:04:11.438Z
Updated: 2024-09-05T18:07:23.795Z
Reserved: 2022-07-18T12:09:35.736Z
Link: CVE-2022-36276
Vulnrichment
Updated: 2024-08-03T10:00:04.207Z
NVD
Status : Modified
Published: 2023-10-04T16:15:10.033
Modified: 2024-11-21T07:12:42.243
Link: CVE-2022-36276
Redhat
No data.