Wegia

Wegia

162 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2025-62358

Exploit
  • EPSS 0.07%
  • Veröffentlicht 13.10.2025 21:16:40
  • Zuletzt bearbeitet 20.10.2025 16:02:20

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, the log parameter in configuracao_geral.php is vulnerable to Reflected Cross-Site Scripting (XSS). An attacker can inject arbitrary JavaSc...

8.8

CVE-2025-62179

Exploit
  • EPSS 0.05%
  • Veröffentlicht 13.10.2025 21:13:59
  • Zuletzt bearbeitet 20.10.2025 16:01:53

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/cadastro_funcionario_pessoa_existente.php endpoint, specifically in ...

5.4

CVE-2025-62178

Exploit
  • EPSS 0.05%
  • Veröffentlicht 13.10.2025 21:12:16
  • Zuletzt bearbeitet 20.10.2025 16:06:38

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a Reflected Cross-Site Scripting (XSS) vulnerability was identified in the /html/atendido/cadastro_atendido_parentesco_pessoa_nova.php end...

8.8

CVE-2025-62177

Exploit
  • EPSS 0.05%
  • Veröffentlicht 13.10.2025 21:09:29
  • Zuletzt bearbeitet 20.10.2025 16:06:57

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/dependente_listar.php endpoint, specifically in the id_funcionario p...

7.5

CVE-2025-61665

Exploit
  • EPSS 0.15%
  • Veröffentlicht 02.10.2025 20:39:09
  • Zuletzt bearbeitet 07.10.2025 15:41:23

WeGIA is an open source web manager with a focus on charitable institutions. Versions 3.4.12 and below contain a Broken Access Control vulnerability, identified in the get_relatorios_socios.php endpoint. This vulnerability allows unauthenticated atta...

6.1

CVE-2025-61606

Exploit
  • EPSS 0.03%
  • Veröffentlicht 02.10.2025 20:25:58
  • Zuletzt bearbeitet 07.10.2025 15:41:49

WeGIA is an open source web manager with a focus on charitable institutions. Versions 3.4.12 and below contain an Open Redirect vulnerability, identified in the control.php endpoint, specifically in the nextPage parameter (metodo=listarUmnomeClasse=F...

9.8

CVE-2025-61605

Exploit
  • EPSS 0.04%
  • Veröffentlicht 02.10.2025 20:13:02
  • Zuletzt bearbeitet 07.10.2025 15:42:02

WeGIA is an open source web manager with a focus on charitable institutions. Versions 3.4.12 and below contain an SQL Injection vulnerability which was identified in the /pet/profile_pet.php endpoint, specifically in the id_pet parameter. This vulner...

7.1

CVE-2025-61604

Exploit
  • EPSS 0.02%
  • Veröffentlicht 02.10.2025 20:09:23
  • Zuletzt bearbeitet 07.10.2025 15:42:57

WeGIA is an open source web manager with a focus on charitable institutions. Versions 3.4.12 and below contain a Cross-Site Request Forgery (CSRF) vulnerability. The delete operation for the Almoxarifado entity is exposed via HTTP GET without CSRF pr...

9.8

CVE-2025-61603

Exploit
  • EPSS 0.03%
  • Veröffentlicht 02.10.2025 19:53:36
  • Zuletzt bearbeitet 07.10.2025 15:43:15

WeGIA is a Web manager for charitable institutions. Versions 3.4.12 and below include an SQL Injection vulnerability which was identified in the /controle/control.php endpoint, specifically in the descricao parameter. This vulnerability allows attack...

8.8

CVE-2025-59939

Exploit
  • EPSS 0.04%
  • Veröffentlicht 27.09.2025 01:15:43
  • Zuletzt bearbeitet 06.10.2025 15:05:36

WeGIA is a Web manager for charitable institutions. Prior to version 3.5.0, WeGIA is vulnerable to SQL Injection attacks in the control.php endpoint with the following parameters: nomeClasse=ProdutoControle&metodo=excluir&id_produto=[malicious comman...