9 matches found
CVE-2025-61604
WeGIA is an open source web manager with a focus on charitable institutions. Versions 3.4.12 and below contain a Cross-Site Request Forgery (CSRF) vulnerability. The delete operation for the Almoxarifado entity is exposed via HTTP GET without CSRF protection, allowing a third-party site to trigger...
EUVD-2025-32204
Malicious code in bioql PyPI...
CVE-2025-61604
WeGIA is an open source web manager with a focus on charitable institutions. Versions 3.4.12 and below contain a Cross-Site Request Forgery (CSRF) vulnerability. The delete operation for the Almoxarifado entity is exposed via HTTP GET without CSRF protection, allowing a third-party site to trigger...
CVE-2025-61604
WeGIA CSRF in delete operation (Almoxarifado) affects versions 3.4.12 and earlier of WeGIA, where the delete endpoint is exposed via HTTP GET without CSRF protection, allowing an attacker to trigger actions using a victim’s authenticated session. This vulnerability is fixed in version 3.5.0. Impa...
CVE-2025-61604 WeGIA: Cross-Site Request Forgery (CSRF) Vulnerability in `control.php` Endpoint
WeGIA is an open source web manager with a focus on charitable institutions. Versions 3.4.12 and below contain a Cross-Site Request Forgery (CSRF) vulnerability. The delete operation for the Almoxarifado entity is exposed via HTTP GET without CSRF protection, allowing a third-party site to trigger...
CVE-2025-61604 WeGIA: Cross-Site Request Forgery (CSRF) Vulnerability in `control.php` Endpoint
WeGIA is an open source web manager with a focus on charitable institutions. Versions 3.4.12 and below contain a Cross-Site Request Forgery (CSRF) vulnerability. The delete operation for the Almoxarifado entity is exposed via HTTP GET without CSRF protection, allowing a third-party site to trigger...
CVE-2025-61604 WeGIA: Cross-Site Request Forgery (CSRF) Vulnerability in `control.php` Endpoint
WeGIA is an open source web manager with a focus on charitable institutions. Versions 3.4.12 and below contain a Cross-Site Request Forgery (CSRF) vulnerability. The delete operation for the Almoxarifado entity is exposed via HTTP GET without CSRF protection, allowing a third-party site to trigger...
WeGIA Security Vulnerability
WeGIA is a web manager for welfare organizations from the individual developer Nilson Lazarin. A security vulnerability exists in WeGIA version 3.4.12 and earlier, which stems from a deletion operation of an Almoxarifado entity that is exposed via HTTP GET and lacks cross-site request forgery...
PT-2025-40425
Name of the Vulnerable Software and Affected Versions: WeGIA versions 3.4.12 and below. Description: WeGIA, a web manager designed for charitable institutions, is susceptible to a Cross-Site Request Forgery (CSRF) issue. The deletion function for the Almoxarifado entity is accessible through an HTTP G...