Lucene search
K

8 matches found

OSV
OSV
added 2026/01/16 7:38 p.m.6 views

CVE-2026-23725 WeGIA Stored Cross-Site Scripting (XSS) – nome Parameter on Adopters Information Page

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, a Stored Cross-Site Scripting XSS vulnerability was identified in the html/pet/adotantes/cadastroadotante.php and html/pet/adotantes/informacaoadotantes.php endpoint of the WeGIA application. The application does not sanitize...

5.3CVSS5.4AI score0.00213EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/01/16 7:38 p.m.5 views

CVE-2026-23725 WeGIA Stored Cross-Site Scripting (XSS) – nome Parameter on Adopters Information Page

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, a Stored Cross-Site Scripting XSS vulnerability was identified in the html/pet/adotantes/cadastroadotante.php and html/pet/adotantes/informacaoadotantes.php endpoint of the WeGIA application. The application does not sanitize...

5.3CVSS5AI score0.00213EPSS
Exploits1References3
CVE
CVE
added 2026/01/16 7:38 p.m.22 views

CVE-2026-23725

WeGIA stores XSS in the Adopters Information page (html/pet/adotantes/cadastro_adotante.php and html/pet/adotantes/informacao_adotantes.php) where user input is rendered without sanitization, enabling persistent JavaScript execution for visitors. This vulnerability affects pre-3.6.2 versions and ...

5.4CVSS5AI score0.00213EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/01/16 7:38 p.m.1 views

CVE-2026-23725

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, a Stored Cross-Site Scripting XSS vulnerability was identified in the html/pet/adotantes/cadastroadotante.php and html/pet/adotantes/informacaoadotantes.php endpoint of the WeGIA application. The application does not sanitize...

5.4CVSS5.5AI score0.00213EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/16 12:0 a.m.22 views

PT-2026-3309

Name of the Vulnerable Software and Affected Versions WeGIA versions prior to 3.6.2 Description WeGIA is a web manager for charitable institutions. A Stored Cross-Site Scripting XSS issue exists in the application due to a failure to sanitize user-controlled input before rendering it. This allows...

5.3CVSS5.6AI score0.00213EPSS
Exploits1References8
Packet Storm News
Packet Storm News
added 2025/01/14 12:0 a.m.3 views

CISA: AI Cybersecurity Collaboration Playbook

The AI Cybersecurity Collaboration Playbook provides guidance to organizations across the AI community – including AI providers, developers, and adopters – for sharing AI-related cybersecurity information voluntarily with the Cybersecurity and Infrastructure Security Agency CISA and other partner...

6.7AI score
Exploits0
OSV
OSV
added 2023/05/11 8:47 p.m.18 views

GHSA-WC64-C5RV-32PF in-toto vulnerable to Configuration Read From Local Directory

Impact The in-toto configuration is read from various directories and allows users to configure the behavior of the framework. The files are from directories following the XDG base directory specification 1. Among the files read is .intotorc which is a hidden file in the directory in which in-tot...

5.5CVSS5.5AI score0.00241EPSS
Exploits0References8
Imperva Blog
Imperva Blog
added 2019/10/30 11:3 a.m.602 views

Tracking CVE-2019-11043 PHP Vulnerability – An Uncommon Chain of Events

On October 22, security researcher Omar Ganiev published a tweet regarding remote code execution vulnerability in PHP-FPM the FastCGI Process Manager running on the Nginx server. The tweet includes a link to a GitHub repository with an explanation of the vulnerability and a PoC proof-of-concept f...

7.5CVSS10AI score0.9947EPSS
Exploits55
Rows per page
Query Builder