Wegia

Wegia

162 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2026-28411

Exploit
  • EPSS 0.27%
  • Veröffentlicht 27.02.2026 21:52:05
  • Zuletzt bearbeitet 03.03.2026 17:56:18

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, an unsafe use of the `extract()` function on the `$_REQUEST` superglobal allows an unauthenticated attacker to overwrite local variables in multiple PHP scripts. This vulnera...

7.2

CVE-2026-28409

Exploit
  • EPSS 0.22%
  • Veröffentlicht 27.02.2026 21:50:21
  • Zuletzt bearbeitet 03.03.2026 18:20:07

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, a critical Remote Code Execution (RCE) vulnerability exists in the WeGIA application's database restoration functionality. An attacker with administrative access (which can b...

9.8

CVE-2026-28408

Exploit
  • EPSS 0.05%
  • Veröffentlicht 27.02.2026 21:49:14
  • Zuletzt bearbeitet 03.03.2026 18:22:19

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the script in adicionar_tipo_docs_atendido.php does not go through the project's central controller and does not have its own authentication and permission checks. A maliciou...

4.3

CVE-2026-23731

Exploit
  • EPSS 0.02%
  • Veröffentlicht 16.01.2026 19:50:16
  • Zuletzt bearbeitet 30.01.2026 18:30:32

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, The web application is vulnerable to clickjacking attacks. The WeGIA application does not send any defensive HTTP headers related to framing protection. In particular, X-Frame-Option...

6.1

CVE-2026-23730

Exploit
  • EPSS 0.01%
  • Veröffentlicht 16.01.2026 19:48:23
  • Zuletzt bearbeitet 30.01.2026 18:30:19

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with met...

6.1

CVE-2026-23729

Exploit
  • EPSS 0.01%
  • Veröffentlicht 16.01.2026 19:47:10
  • Zuletzt bearbeitet 30.01.2026 18:30:09

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with met...

6.1

CVE-2026-23728

Exploit
  • EPSS 0.01%
  • Veröffentlicht 16.01.2026 19:46:07
  • Zuletzt bearbeitet 30.01.2026 18:29:58

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with met...

6.1

CVE-2026-23727

Exploit
  • EPSS 0.04%
  • Veröffentlicht 16.01.2026 19:41:46
  • Zuletzt bearbeitet 30.01.2026 18:29:51

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with met...

6.1

CVE-2026-23726

Exploit
  • EPSS 0.01%
  • Veröffentlicht 16.01.2026 19:40:05
  • Zuletzt bearbeitet 30.01.2026 18:29:14

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, An Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with met...

5.4

CVE-2026-23725

Exploit
  • EPSS 0.01%
  • Veröffentlicht 16.01.2026 19:38:27
  • Zuletzt bearbeitet 30.01.2026 18:29:24

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, a Stored Cross-Site Scripting (XSS) vulnerability was identified in the html/pet/adotantes/cadastro_adotante.php and html/pet/adotantes/informacao_adotantes.php endpoint of the WeGIA...