Lucene search
K

63 matches found

CVE
CVE
added 2026/04/06 9:5 p.m.15 views

CVE-2026-35472

WeGIA (Web manager for charitable institutions) has an Open Redirect in the /WeGIA/controle/control.php endpoint, exploitable via the nextPage parameter when used with metodo=listarTodos and nomeClasse=EstoqueControle. The application does not validate/restrict nextPage, enabling redirects to arb...

6.1CVSS6AI score0.00224EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/06 9:4 p.m.4 views

CVE-2026-35398

WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos & listarIdNome and...

5.1CVSS6AI score0.00228EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2026/04/06 9:4 p.m.18 views

CVE-2026-35398 WeGIA - Open Redirect - OrigemControle - listarTodos() & listarId_Nome() - Unvalidated $_GET['nextPage']

WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos & listarIdNome and...

5.1CVSS0.00228EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/06 9:4 p.m.7 views

EUVD-2026-19498

WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos & listarIdNome and...

5.1CVSS6AI score0.00228EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/04/06 9:4 p.m.2 views

CVE-2026-35398 WeGIA - Open Redirect - OrigemControle - listarTodos() & listarId_Nome() - Unvalidated $_GET['nextPage']

WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos & listarIdNome and...

5.1CVSS6AI score0.00228EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/06 9:2 p.m.4 views

EUVD-2026-19496

WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarId and nomeClasse=IsaidaControle. The...

5.1CVSS6AI score0.00224EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/06 9:2 p.m.15 views

CVE-2026-35396 WeGIA - Open Redirect - IsaidaControle - listarId() - Unvalidated $_GET['nextPage']

WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarId and nomeClasse=IsaidaControle. The...

5.1CVSS0.00224EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.9 views

WeGIA 输入验证错误漏洞

WeGIA is a network manager for the welfare organization developed by Nilson Lazarin. Versions of WeGIA prior to 3.6.9 contained a vulnerability related to input validation errors. This vulnerability stemmed from the lack of validation on the /WeGIA/controle/control.php endpoint, which did not...

6.1CVSS5.8AI score0.00224EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/04/06 12:0 a.m.6 views

WeGIA 输入验证错误漏洞

WeGIA is a network manager for the welfare organization developed by Nilson Lazarin. Versions of WeGIA prior to 3.6.9 contained a vulnerability related to input validation errors. This vulnerability stemmed from the lack of validation on the /WeGIA/controle/control.php endpoint, which did not...

6.1CVSS5.8AI score0.00228EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.5 views

PT-2026-30734

WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarId and nomeClasse=IsaidaControle. The...

5.1CVSS6AI score0.00224EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.2 views

PT-2026-30740

WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarId and nomeClasse=IentradaControle. T...

5.1CVSS6AI score0.00183EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/06 12:0 a.m.2 views

PT-2026-30735

WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos & listarId Nome and...

5.1CVSS6AI score0.00228EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/23 6:46 p.m.3 views

CVE-2026-33716

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the standalone live stream control endpoint at plugin/Live/standAloneFiles/control.json.php accepts a user-supplied streamerURL parameter that overrides where the server sends token verification requests. An...

9.4CVSS5.8AI score0.00437EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2026/03/05 9:59 p.m.27 views

CVE-2026-28485 OpenClaw 2026.1.5 < 2026.2.12 - Missing Authentication in Browser Control HTTP Endpoints

OpenClaw versions 2026.1.5 prior to 2026.2.12 fail to enforce mandatory authentication on the /agent/act browser-control HTTP route, allowing unauthorized local callers to invoke privileged operations. Remote attackers on the local network or local processes can execute arbitrary browser-context...

8.4CVSS0.00196EPSS
Exploits0References3
OSV
OSV
added 2026/02/22 6:16 a.m.4 views

CVE-2026-2929

A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub453140 of the file /boafrm/formWlAc of the component Wireless Access Control Endpoint. This manipulation of the argument submit-url causes stack-based buffer overflow. Remote exploitation of the attack is...

8.8CVSS6.2AI score0.00728EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/02/03 12:0 a.m.7 views

PT-2026-5982

Name of the Vulnerable Software and Affected Versions JEEWMS version 1.0 Description JEEWMS 1.0 is susceptible to SQL Injection. An attacker can inject malicious SQL statements through the id1 and id2 parameters in the /systemControl.do API endpoint. Recommendations Apply appropriate input...

6.5CVSS5.7AI score0.00215EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/17 8:27 p.m.6 views

CVE-2026-23728

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos and nomeClasse=DestinoControle...

6.1CVSS6.8AI score0.00212EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/17 8:27 p.m.5 views

CVE-2026-23730

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos and nomeClasse=ProdutoControle...

6.1CVSS6.8AI score0.00212EPSS
Exploits1References1
NVD
NVD
added 2026/01/16 8:15 p.m.11 views

CVE-2026-23728

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos and nomeClasse=DestinoControle...

6.1CVSS0.00212EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/01/16 7:48 p.m.4 views

CVE-2026-23730 WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarTodos, nomeClasse=ProdutoControle)

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos and nomeClasse=ProdutoControle...

4.8CVSS6.4AI score0.00212EPSS
Exploits1References3
Rows per page
Query Builder