63 matches found
CVE-2026-35472
WeGIA (Web manager for charitable institutions) has an Open Redirect in the /WeGIA/controle/control.php endpoint, exploitable via the nextPage parameter when used with metodo=listarTodos and nomeClasse=EstoqueControle. The application does not validate/restrict nextPage, enabling redirects to arb...
CVE-2026-35398
WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos & listarIdNome and...
CVE-2026-35398 WeGIA - Open Redirect - OrigemControle - listarTodos() & listarId_Nome() - Unvalidated $_GET['nextPage']
WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos & listarIdNome and...
EUVD-2026-19498
WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos & listarIdNome and...
CVE-2026-35398 WeGIA - Open Redirect - OrigemControle - listarTodos() & listarId_Nome() - Unvalidated $_GET['nextPage']
WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos & listarIdNome and...
EUVD-2026-19496
WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarId and nomeClasse=IsaidaControle. The...
CVE-2026-35396 WeGIA - Open Redirect - IsaidaControle - listarId() - Unvalidated $_GET['nextPage']
WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarId and nomeClasse=IsaidaControle. The...
WeGIA 输入验证错误漏洞
WeGIA is a network manager for the welfare organization developed by Nilson Lazarin. Versions of WeGIA prior to 3.6.9 contained a vulnerability related to input validation errors. This vulnerability stemmed from the lack of validation on the /WeGIA/controle/control.php endpoint, which did not...
WeGIA 输入验证错误漏洞
WeGIA is a network manager for the welfare organization developed by Nilson Lazarin. Versions of WeGIA prior to 3.6.9 contained a vulnerability related to input validation errors. This vulnerability stemmed from the lack of validation on the /WeGIA/controle/control.php endpoint, which did not...
PT-2026-30734
WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarId and nomeClasse=IsaidaControle. The...
PT-2026-30740
WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarId and nomeClasse=IentradaControle. T...
PT-2026-30735
WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos & listarId Nome and...
CVE-2026-33716
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the standalone live stream control endpoint at plugin/Live/standAloneFiles/control.json.php accepts a user-supplied streamerURL parameter that overrides where the server sends token verification requests. An...
CVE-2026-28485 OpenClaw 2026.1.5 < 2026.2.12 - Missing Authentication in Browser Control HTTP Endpoints
OpenClaw versions 2026.1.5 prior to 2026.2.12 fail to enforce mandatory authentication on the /agent/act browser-control HTTP route, allowing unauthorized local callers to invoke privileged operations. Remote attackers on the local network or local processes can execute arbitrary browser-context...
CVE-2026-2929
A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub453140 of the file /boafrm/formWlAc of the component Wireless Access Control Endpoint. This manipulation of the argument submit-url causes stack-based buffer overflow. Remote exploitation of the attack is...
PT-2026-5982
Name of the Vulnerable Software and Affected Versions JEEWMS version 1.0 Description JEEWMS 1.0 is susceptible to SQL Injection. An attacker can inject malicious SQL statements through the id1 and id2 parameters in the /systemControl.do API endpoint. Recommendations Apply appropriate input...
CVE-2026-23728
WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos and nomeClasse=DestinoControle...
CVE-2026-23730
WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos and nomeClasse=ProdutoControle...
CVE-2026-23728
WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos and nomeClasse=DestinoControle...
CVE-2026-23730 WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarTodos, nomeClasse=ProdutoControle)
WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos and nomeClasse=ProdutoControle...