Wegia

Wegia

162 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2025-58745

Exploit
  • EPSS 0.22%
  • Veröffentlicht 08.09.2025 22:40:56
  • Zuletzt bearbeitet 17.09.2025 16:24:10

WeGIA is a Web manager for charitable institutions. The fix for CVE-2025-22133 was not enough to remediate the arbitrary file upload vulnerability. The WeGIA only check MIME types for Excel files at endpoint `/html/socio/sistema/controller/controla_x...

8.2

CVE-2025-58454

Exploit
  • EPSS 0.05%
  • Veröffentlicht 08.09.2025 22:35:04
  • Zuletzt bearbeitet 17.09.2025 16:29:29

WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was identified in WeGIA versions 3.4.10 and prior inthe endpoint /WeGIA/html/memorando/listar_despachos.php, in the id_memorando parameter. This vulnerability allow an ...

8.2

CVE-2025-58453

Exploit
  • EPSS 0.05%
  • Veröffentlicht 08.09.2025 22:28:40
  • Zuletzt bearbeitet 17.09.2025 16:31:24

WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was identified in WeGIA versions 3.4.10 and prior in the endpoint /WeGIA/html/memorando/exibe_anexo.php, in the id_anexo parameter. This vulnerability allow an authoriz...

6.1

CVE-2025-58452

Exploit
  • EPSS 0.03%
  • Veröffentlicht 08.09.2025 22:26:24
  • Zuletzt bearbeitet 17.09.2025 16:35:57

WeGIA is a Web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the listar_despachos.php endpoint of the WeGIA application prior to version 3.4.11. This vulnerability allows attackers to inje...

8.8

CVE-2025-58159

Exploit
  • EPSS 0.65%
  • Veröffentlicht 29.08.2025 22:15:12
  • Zuletzt bearbeitet 24.09.2025 18:36:12

WeGIA is a Web manager for charitable institutions. Prior to version 3.4.11, a remote code execution vulnerability was identified, caused by improper validation of uploaded files. The application allows an attacker to upload files with arbitrary file...

8.2

CVE-2025-57764

Exploit
  • EPSS 0.04%
  • Veröffentlicht 21.08.2025 17:15:32
  • Zuletzt bearbeitet 22.08.2025 21:51:18

WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, a Reflected Cross-Site Scripting (XSS) vulnerability was identified in the cargos.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scrip...

8.2

CVE-2025-57765

Exploit
  • EPSS 0.04%
  • Veröffentlicht 21.08.2025 17:15:32
  • Zuletzt bearbeitet 22.08.2025 21:50:26

WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, a Reflected Cross-Site Scripting (XSS) vulnerability was identified in the pre_cadastro_adotante.php endpoint of the WeGIA application. This vulnerability allows attackers to inject ...

6.1

CVE-2025-57763

Exploit
  • EPSS 0.03%
  • Veröffentlicht 21.08.2025 16:59:37
  • Zuletzt bearbeitet 22.08.2025 21:11:52

WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, there is a Reflected Cross-Site Scripting (XSS) vulnerability in the insere_despacho.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious sc...

6.1

CVE-2025-57762

Exploit
  • EPSS 0.03%
  • Veröffentlicht 21.08.2025 16:46:54
  • Zuletzt bearbeitet 22.08.2025 21:12:45

WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, there is a Stored Cross-Site Scripting (XSS) vulnerability in the dependente_docdependente.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malici...

8.8

CVE-2025-57761

Exploit
  • EPSS 0.05%
  • Veröffentlicht 21.08.2025 16:40:16
  • Zuletzt bearbeitet 22.08.2025 21:13:42

WeGIA is a Web manager for charitable institutions. Prior to 3.4.10, there is a SQL Injection vulnerability in the /html/funcionario/dependente_remover.php endpoint, specifically in the id_funcionario parameter. This vulnerability allows attackers to...