Wegia

Wegia

178 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2025-58159

Exploit
  • EPSS 0.78%
  • Veröffentlicht 29.08.2025 22:15:12
  • Zuletzt bearbeitet 24.09.2025 18:36:12

WeGIA is a Web manager for charitable institutions. Prior to version 3.4.11, a remote code execution vulnerability was identified, caused by improper validation of uploaded files. The application allows an attacker to upload files with arbitrary file...

8.2

CVE-2025-57764

Exploit
  • EPSS 0.04%
  • Veröffentlicht 21.08.2025 17:15:32
  • Zuletzt bearbeitet 22.08.2025 21:51:18

WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, a Reflected Cross-Site Scripting (XSS) vulnerability was identified in the cargos.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scrip...

8.2

CVE-2025-57765

Exploit
  • EPSS 0.04%
  • Veröffentlicht 21.08.2025 17:15:32
  • Zuletzt bearbeitet 22.08.2025 21:50:26

WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, a Reflected Cross-Site Scripting (XSS) vulnerability was identified in the pre_cadastro_adotante.php endpoint of the WeGIA application. This vulnerability allows attackers to inject ...

6.1

CVE-2025-57763

Exploit
  • EPSS 0.04%
  • Veröffentlicht 21.08.2025 16:59:37
  • Zuletzt bearbeitet 22.08.2025 21:11:52

WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, there is a Reflected Cross-Site Scripting (XSS) vulnerability in the insere_despacho.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious sc...

6.1

CVE-2025-57762

Exploit
  • EPSS 0.04%
  • Veröffentlicht 21.08.2025 16:46:54
  • Zuletzt bearbeitet 22.08.2025 21:12:45

WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, there is a Stored Cross-Site Scripting (XSS) vulnerability in the dependente_docdependente.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malici...

8.8

CVE-2025-57761

Exploit
  • EPSS 0.05%
  • Veröffentlicht 21.08.2025 16:40:16
  • Zuletzt bearbeitet 22.08.2025 21:13:42

WeGIA is a Web manager for charitable institutions. Prior to 3.4.10, there is a SQL Injection vulnerability in the /html/funcionario/dependente_remover.php endpoint, specifically in the id_funcionario parameter. This vulnerability allows attackers to...

7.5

CVE-2025-55171

  • EPSS 0.07%
  • Veröffentlicht 12.08.2025 20:17:19
  • Zuletzt bearbeitet 14.08.2025 01:33:13

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, the application does not check authentication at endpoint /html/personalizacao_remover.php allowing anonymous attacker (w...

7.4

CVE-2025-55170

Exploit
  • EPSS 0.06%
  • Veröffentlicht 12.08.2025 20:12:33
  • Zuletzt bearbeitet 14.08.2025 01:34:13

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a reflected cross-site scripting (XSS) vulnerability was identified in the /html/alterar_senha.php endpoint of the WeGIA ...

6.5

CVE-2025-55169

Exploit
  • EPSS 1.62%
  • Veröffentlicht 12.08.2025 19:15:36
  • Zuletzt bearbeitet 14.08.2025 01:30:59

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a path traversal vulnerability was discovered in the WeGIA application, html/socio/sistema/download_remessa.php endpoint....

9.8

CVE-2025-55168

Exploit
  • EPSS 0.06%
  • Veröffentlicht 12.08.2025 18:56:45
  • Zuletzt bearbeitet 14.08.2025 01:30:09

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a SQL Injection vulnerability was identified in the /html/saude/aplicar_medicamento.php endpoint, specifically in the id_...