CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

33 matches found

Vulnrichment•added 2026/05/27 3:25 p.m.•6 views

CVE-2026-45335 WeGIA: Middleware whitelist bypass → open redirect via InternoControle.nextPage

WeGIA is a web manager for charitable institutions. Prior to 3.7.3, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos and nomeClasse=InternoControle...

5.4CVSS5.9AI score0.00028EPSS

Exploits0References1

RedhatCVE•added 2026/04/07 11:1 p.m.•0 views

CVE-2026-35398

WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos & listarIdNome and...

6.1CVSS6AI score0.00014EPSS

Exploits1References1

NVD•added 2026/04/06 10:16 p.m.•1 views

CVE-2026-35473

6.1CVSS0.00043EPSS

Exploits1References1

NVD•added 2026/04/06 9:16 p.m.•1 views

CVE-2026-35472

6.1CVSS0.00014EPSS

Exploits1References1

NVD•added 2026/04/06 9:16 p.m.•2 views

CVE-2026-35396

6.1CVSS0.00014EPSS

Exploits1References1

Positive Technologies•added 2026/04/06 12:0 a.m.•1 views

PT-2026-30737

5.1CVSS6AI score0.00014EPSS

Exploits1References2

CVE•added 2026/02/16 10:32 a.m.•13 views

CVE-2026-2551

CVE-2026-2551 affects ZenTao up to version 21.7.8. The vulnerability resides in the Backup Handler component, specifically the delete function in editor/control.php, where manipulating the fileName argument enables path traversal. This can be triggered remotely; exploitation has been publicly dis...

5.5CVSS5.5AI score0.00079EPSS

Exploits1References4Affected Software1

RedhatCVE•added 2026/01/17 8:27 p.m.•5 views

CVE-2026-23727

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos and nomeClasse=TipoSaidaControl...

6.1CVSS6.8AI score0.00055EPSS

Exploits1References1

EUVD•added 2026/01/16 7:48 p.m.•7 views

EUVD-2026-3121

4.8CVSS6.3AI score0.00017EPSS

Exploits1References3

OSV•added 2026/01/16 7:47 p.m.•4 views

CVE-2026-23729 WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarDescricao, nomeClasse=ProdutoControle)

4.8CVSS6.8AI score0.00017EPSS

Exploits1References5

ATTACKERKB•added 2026/01/16 7:47 p.m.•3 views

CVE-2026-23729

6.1CVSS5.6AI score0.00017EPSS

Exploits1References4Affected Software1

Cvelist•added 2026/01/16 7:46 p.m.•20 views

CVE-2026-23728 WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarTodos, nomeClasse=DestinoControle)

4.8CVSS0.00017EPSS

Exploits1References3

OSV•added 2026/01/16 7:46 p.m.•4 views

CVE-2026-23728 WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarTodos, nomeClasse=DestinoControle)

4.8CVSS6.8AI score0.00017EPSS

Exploits1References5

CVE•added 2026/01/16 7:41 p.m.•20 views

CVE-2026-23727

WeGIA is vulnerable to an Open Redirect in the /WeGIA/controle/control.php endpoint, exploitable via the nextPage parameter when paired with metodo=listarTodos and nomeClasse=TipoSaidaControle. The app does not validate/restrict nextPage, allowing attackers to redirect users to arbitrary external...

6.1CVSS6.4AI score0.00055EPSS

Exploits1References3Affected Software1

Cvelist•added 2026/01/16 7:41 p.m.•20 views

CVE-2026-23727 WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarTodos, nomeClasse=TipoSaidaControle)

4.8CVSS0.00055EPSS

Exploits1References3

ATTACKERKB•added 2026/01/16 7:40 p.m.•1 views

CVE-2026-23726

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, An Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos and...

6.1CVSS5.6AI score0.00017EPSS

Exploits1References4Affected Software1

EUVD•added 2026/01/16 7:40 p.m.•3 views

EUVD-2026-3118

4.8CVSS6.3AI score0.00017EPSS

Exploits1References3

CVE•added 2026/01/16 7:40 p.m.•15 views

CVE-2026-23726

The CVE-2026-23726 issue affects WeGIA, a web manager for charitable institutions. Affected component is the /WeGIA/controle/control.php endpoint, where the nextPage parameter (used with metodo=listarTodos and nomeClasse=TipoEntradaControle) is not validated or restricted, enabling open redirects...

6.1CVSS6.4AI score0.00017EPSS

Exploits1References3Affected Software1

Vulnrichment•added 2025/10/02 8:25 p.m.•3 views

CVE-2025-61606 WeGIA: Open Redirect Vulnerability in `control.php` endpoint

WeGIA is an open source web manager with a focus on charitable institutions. Versions 3.4.12 and below contain an Open Redirect vulnerability, identified in the control.php endpoint, specifically in the nextPage parameter metodo=listarUmnomeClasse=FuncionarioControle. This vulnerability allows...

4.8CVSS6.4AI score0.0004EPSS

Exploits1References2

Cvelist•added 2025/10/02 8:25 p.m.•8 views

CVE-2025-61606 WeGIA: Open Redirect Vulnerability in `control.php` endpoint

4.8CVSS0.0004EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by