WeGIA 安全漏洞

WeGIA is a network manager for a welfare organization developed by Nilson Lazarin. Versions of WeGIA prior to 3.6.10 contained security vulnerabilities. These vulnerabilities were due to susceptibility to stored-xss attacks, which could allow authenticated users to inject malicious JavaScript...

EUVD-2024-51971

Malicious code in bioql PyPI...

PT-2025-28216 · Wegia · Wegia

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.3 Description: A Cross-Site Scripting XSS Injection issue was found in WeGIA, a web manager for charitable institutions. The vulnerability is located in the novo memorando.php file. When a memo is submitted, the...

CVE-2025-27419

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Denial of Service DoS vulnerability exists in WeGIA. This vulnerability allows any unauthenticated user to cause the server to become unresponsive by performing aggressive spidering. The vulnerabilit...

CVE-2024-53471

Multiple stored cross-site scripting XSS vulnerabilities in the component /configuracao/meiopagamento.php of WeGIA v3.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the id or name parameter...

PT-2024-35750 · Wegia · Wegia

Name of the Vulnerable Software and Affected Versions: WeGIA version 3.2.0 Description: Multiple stored cross-site scripting XSS vulnerabilities in the component /configuracao/gateway pagamento.php allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the id...

CVE-2024-53470

Multiple stored cross-site scripting XSS vulnerabilities in the component /configuracao/gatewaypagamento.php of WeGIA v3.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the id or name parameter...