Wegia

Wegia

178 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2025-50201

Exploit
  • EPSS 26.81%
  • Veröffentlicht 19.06.2025 03:34:29
  • Zuletzt bearbeitet 02.07.2025 16:21:03

WeGIA is a web manager for charitable institutions. Prior to version 3.4.2, an OS Command Injection vulnerability was identified in the /html/configuracao/debug_info.php endpoint. The branch parameter is not properly sanitized before being concatenat...

9.8

CVE-2025-46828

Exploit
  • EPSS 0.57%
  • Veröffentlicht 07.05.2025 17:34:52
  • Zuletzt bearbeitet 02.07.2025 16:30:44

WeGIA is a web manager for charitable institutions. An unauthenticated SQL Injection vulnerability was identified in versions up to and including 3.3.0 in the endpoint `/html/socio/sistema/get_socios.php`, specifically in the query parameter. This i...

9.8

CVE-2025-30367

Exploit
  • EPSS 0.37%
  • Veröffentlicht 27.03.2025 16:30:34
  • Zuletzt bearbeitet 10.04.2025 14:39:09

WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.2.6 in the nextPage parameter of the /WeGIA/controle/control.php endpoint. This vulnerability allows attacker to manipulate SQL qu...

5.4

CVE-2025-30366

Exploit
  • EPSS 0.14%
  • Veröffentlicht 27.03.2025 16:29:45
  • Zuletzt bearbeitet 10.04.2025 14:51:47

WeGIA is a Web manager for charitable institutions. Versions prior to 3.2.8 are vulnerable to stored cross-site scripting. This vulnerability allows unauthorized scripts to be executed within the user's browser context. Stored XSS is particularly cri...

9.8

CVE-2025-30365

Exploit
  • EPSS 0.79%
  • Veröffentlicht 27.03.2025 16:28:45
  • Zuletzt bearbeitet 10.04.2025 15:02:52

WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.2.8 in the endpoint /WeGIA/html/socio/sistema/controller/query_geracao_auto.php, specifically in the query parameter. This vulnera...

9.8

CVE-2025-30364

Exploit
  • EPSS 0.86%
  • Veröffentlicht 27.03.2025 16:27:26
  • Zuletzt bearbeitet 10.04.2025 15:08:41

WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.2.8 in the endpoint /WeGIA/html/funcionario/remuneracao.php, in the id_funcionario parameter. This vulnerability allows the execut...

5.4

CVE-2025-30363

Exploit
  • EPSS 0.15%
  • Veröffentlicht 27.03.2025 16:26:08
  • Zuletzt bearbeitet 10.04.2025 15:09:44

WeGIA is a Web manager for charitable institutions. A stored Cross-Site Scripting (XSS) vulnerability was identified in versions prior to 3.2.6. This vulnerability allows unauthorized scripts to be executed within the user's browser context. Stored X...

5.4

CVE-2025-30362

Exploit
  • EPSS 0.14%
  • Veröffentlicht 27.03.2025 16:23:55
  • Zuletzt bearbeitet 10.04.2025 15:14:58

WeGIA is a Web manager for charitable institutions. A stored Cross-Site Scripting (XSS) vulnerability was identified in versions prior to 3.2.8. This vulnerability allows unauthorized scripts to be executed within the user's browser context. Stored X...

9.8

CVE-2025-30361

Exploit
  • EPSS 0.23%
  • Veröffentlicht 27.03.2025 16:22:42
  • Zuletzt bearbeitet 10.04.2025 15:16:33

WeGIA is a Web manager for charitable institutions. A security vulnerability was identified in versions prior to 3.2.6, where it is possible to change a user's password without verifying the old password. This issue exists in the control.php endpoint...

5.4

CVE-2025-29782

Exploit
  • EPSS 0.22%
  • Veröffentlicht 14.03.2025 19:15:49
  • Zuletzt bearbeitet 25.03.2025 20:12:23

WeGIA is Web manager for charitable institutions A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_tipo_docs_atendido.php` endpoint in versions of the WeGIA application prior to 3.2.17. This vulnerability allows attac...