CVE-2026-35396 WeGIA - Open Redirect - IsaidaControle - listarId() - Unvalidated $_GET['nextPage']

WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarId and nomeClasse=IsaidaControle. The...

CVE-2026-23730

CVE-2026-23730 describes an Open Redirect in WeGIA web manager before version 3.6.2. The flaw lies in /WeGIA/controle/control.php via the nextPage parameter when combined with metodo=listarTodos and nomeClasse=ProdutoControle, where nextPage is not validated or restricted. This enables attackers ...

CVE-2026-23729 WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarDescricao, nomeClasse=ProdutoControle)

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarDescricao and...

CVE-2026-23727 WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarTodos, nomeClasse=TipoSaidaControle)

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos and nomeClasse=TipoSaidaControl...