CVE-2025-40624 – TCMAN’s GIM SQL Injection Vulnerability

May 6, 2025

CVE ID : CVE-2025-40624

Published : May 6, 2025, 11:15 a.m. | 36 minutes ago

Description : SQL injection in TCMAN’s GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the database. This vulnerability was found in each of the following parameters according to the vulnerability identifier ‘User’ and “email” parameters of the ‘updatePassword’ endpoint.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-40625 – TCMAN GIM Unauthenticated File Upload RCE

Next Article CVE-2025-4347 – D-Link DIR-600L Critical FormWlSiteSurvey Buffer Overflow Vulnerability

This week in AI dev tools: Gemini 2.5 Pro and Flash GA, GitHub Copilot Spaces, and more (June 20, 2025)

Gemini 2.5 Pro and Flash are generally available and Gemini 2.5 Flash-Lite preview is announced

CSS Cascade Layers Vs. BEM Vs. Utility Classes: Specificity Control

IBM launches new integration to help unify AI security and governance

I used Lenovo’s latest dual-screen OLED laptop for a month and it wouldn’t be my first choice — here’s why

Here’s how I fixed a dead Steam Deck screen — with Valve proving they still have the best customer service in gaming

Borderlands 4 drops stunning new story trailer

DistroWatch Weekly, Issue 1127

Exploring Lakebase: Databricks’ Next-Gen AI-Native OLTP Database

Exploring Lakebase: Databricks’ Next-Gen AI-Native OLTP Database

Understanding JavaScript Promise

Lakeflow: Revolutionizing SCD2 Pipelines with Change Data Capture (CDC)

I used Lenovo’s latest dual-screen OLED laptop for a month and it wouldn’t be my first choice — here’s why

I used Lenovo’s latest dual-screen OLED laptop for a month and it wouldn’t be my first choice — here’s why

Here’s how I fixed a dead Steam Deck screen — with Valve proving they still have the best customer service in gaming

Borderlands 4 drops stunning new story trailer

CVE-2025-40624 – TCMAN’s GIM SQL Injection Vulnerability

WordPress Motors theme flaw mass-exploited to hijack admin accounts

Weekly Cybersecurity News Recap – Top Vulnerabilities, Threat and Data Breaches

CVE-2025-37799 – vmxnet3 Linux Kernel Malformed Packet Sizing Vulnerability

CVE-2025-37882 – Linux Kernel USB xHCI Isochronous Ring Handling Vulnerability

I tested this superb gaming laptop, and it proves that NVIDIA’s RTX 5090 is still a massive waste of money

CVE-2025-5791 – Rust Crate Root Group Privilege Escalation

Certifications | A rocket fuel for growth

How to Find and Manage Your IP Address: A Step-by-Step Guide

CVE-2025-23377 – Dell PowerProtect Data Manager Cross-Site Scripting (XSS)

rbw is an unofficial Bitwarden CLI

CVE-2025-40624 – TCMAN’s GIM SQL Injection Vulnerability

Related Posts