CVE-2022-36276

Name of the Vulnerable Software and Affected Versions TCMAN GIM version 8.0.1

Description The issue is related to a SQL injection vulnerability via the SqlWhere parameter inside the BuscarESM function. This could allow a remote attacker to directly interact with the database.

Recommendations For TCMAN GIM version 8.0.1, consider disabling the BuscarESM function or restricting access to the SqlWhere parameter until a patch is available. Additionally, restrict interactions with the database to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.