4 matches found

CVE
added 2025/09/08 10:40 p.m., 16 views

CVE-2025-58745

The CVE-2025-58745 entry concerns WeGIA, a Web manager for charitable institutions. Technical details from connected documents show an arbitrary file upload vulnerability where MIME-type validation for Excel files at /html/socio/sistema/controller/controla_xlsx.php can be bypassed by embedding Ex...

CVSS 9.9 | AI score 7.3 | EPSS 0.00705
Exploits: 1 | References: 1 | Affected Software: 1

Circl
added 2025/01/07 10:10 p.m., 24 views

CVE-2025-22133

| creationtimestamp | type | source |
|---|---|---|
| 2025-01-07 22:10:14+00:00 | seen | https://infosec.exchange/users/cve/statuses/113789358208827936 |
| 2025-01-07 22:16:03+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lf6ofmiwrn22 |
| 2025-01-07 22:36:49+00:00 | ...

CVSS 9.9 | AI score 5.7 | EPSS 0.00709
Exploits: 1 | References: 9

Cvelist
added 2025/01/07 10:7 p.m., 53 views

CVE-2025-22133 WeGIA Allows Arbitrary File Upload with Remote Code Execution (RCE)

WeGIA is a web manager for charitable institutions. Prior to 3.2.8, a critical vulnerability was identified in the /WeGIA/html/socio/sistema/controller/controlaxlsx.php endpoint. The endpoint accepts file uploads without proper validation, allowing the upload of malicious files, such as .phar,...

CVSS 9.9 | EPSS 0.00709
Exploits: 1 | References: 2

CVE
added 2025/01/07 10:7 p.m., 70 views

CVE-2025-22133

Summary of the CVE-2025-22133 family (WeGIA): WeGIA Web Manager prior to version 3.2.8 had a critical arbitrary-file-upload vulnerability at /html/socio/sistema/controller/controla_xlsx.php that allowed uploading files such as .phar, enabling server execution. The issue persisted in later advisor...

CVSS 9.9 | AI score 9.3 | EPSS 0.00709
Exploits: 1 | References: 2 | Affected Software: 1