Wegia

Wegia

147 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2025-53823

Exploit
  • EPSS 0.05%
  • Veröffentlicht 14.07.2025 22:31:26
  • Zuletzt bearbeitet 15.07.2025 20:15:50

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Versions prior to 3.4.5 have a SQL Injection vulnerability in the endpoint `/WeGIA/html/socio/sistema/processa_deletar_socio.php`, in the `id_soc...

6.1

CVE-2025-53822

Exploit
  • EPSS 0.03%
  • Veröffentlicht 14.07.2025 22:28:54
  • Zuletzt bearbeitet 15.07.2025 20:15:50

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `relatorio_geracao.php` endpoint of the WeGIA application prior to ver...

6.1

CVE-2025-53821

Exploit
  • EPSS 0.03%
  • Veröffentlicht 14.07.2025 22:16:30
  • Zuletzt bearbeitet 18.07.2025 20:08:33

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. An Open Redirect vulnerability exists in the web application prior to version 3.4.5. The control.php endpoint allows to specify an arbitrary URL ...

6.1

CVE-2025-53820

Exploit
  • EPSS 0.03%
  • Veröffentlicht 14.07.2025 20:47:33
  • Zuletzt bearbeitet 15.07.2025 20:15:49

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `index.php` endpoint of the WeGIA application prior to version 3.4.5. ...

7.5

CVE-2025-53530

Exploit
  • EPSS 0.15%
  • Veröffentlicht 07.07.2025 17:15:30
  • Zuletzt bearbeitet 10.07.2025 21:16:15

WeGIA is a web manager for charitable institutions. The Wegia server has a vulnerability that allows excessively long HTTP GET requests to a specific URL. This issue arises from the lack of validation for the length of the errorstr parameter. Tests c...

7.5

CVE-2025-53531

Exploit
  • EPSS 0.15%
  • Veröffentlicht 07.07.2025 17:15:30
  • Zuletzt bearbeitet 10.07.2025 20:49:40

WeGIA is a web manager for charitable institutions. The Wegia server has a vulnerability that allows excessively long HTTP GET requests to a specific URL. This issue arises from the lack of validation for the length of the fid parameter. Tests confir...

9.8

CVE-2025-53529

Exploit
  • EPSS 0.16%
  • Veröffentlicht 07.07.2025 16:51:03
  • Zuletzt bearbeitet 10.07.2025 21:16:36

WeGIA is a web manager for charitable institutions. An SQL Injection vulnerability was identified in the /html/funcionario/profile_funcionario.php endpoint. The id_funcionario parameter is not properly sanitized or validated before being used in a SQ...

9.8

CVE-2025-53527

Exploit
  • EPSS 0.05%
  • Veröffentlicht 07.07.2025 16:47:04
  • Zuletzt bearbeitet 10.07.2025 21:16:47

WeGIA is a web manager for charitable institutions. A Time-Based Blind SQL Injection vulnerability was discovered in the almox parameter of the /controle/relatorio_geracao.php endpoint. This issue allows attacker to inject arbitrary SQL queries, pote...

6.1

CVE-2025-53526

Exploit
  • EPSS 0.04%
  • Veröffentlicht 07.07.2025 16:36:45
  • Zuletzt bearbeitet 10.07.2025 21:17:00

WeGIA is a web manager for charitable institutions. An XSS Injection vulnerability was identified in novo_memorando.php. After the memo was submitted, the vulnerability was confirmed by accessing listar_memorandos_antigos.php. Upon loading this page,...

6.1

CVE-2025-53525

Exploit
  • EPSS 0.03%
  • Veröffentlicht 07.07.2025 16:30:25
  • Zuletzt bearbeitet 10.07.2025 21:17:53

WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the profile_familiar.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in ...