6 matches found
WeGIA <= 3.6.4 - Remote Code Execution
WeGIA = 3.6.5 contains a remote code execution caused by improper validation of backup file names in the database restoration functionality, letting attackers with administrative access execute arbitrary OS commands id: CVE-2026-28409 info: name: WeGIA = 3.6.4 - Remote Code Execution author:...
CVE-2026-35399 WeGIA has Stored XSS in backup file names
WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, a stored XSS vulnerability allows an attacker to inject malicious scripts through a backup filename. This could lead to unauthorized execution of malicious code in the victim's browser, compromising session data or executing...
CVE-2026-35399 WeGIA has Stored XSS in backup file names
WeGIA is a Web manager for charitable institutions. Prior to 3.6.9, a stored XSS vulnerability allows an attacker to inject malicious scripts through a backup filename. This could lead to unauthorized execution of malicious code in the victim's browser, compromising session data or executing...
WeGIA 跨站脚本漏洞
WeGIA is a network manager for welfare institutions developed by Nilson Lazarin as an individual project. Versions of WeGIA prior to 3.6.9 contained a cross-site scripting vulnerability. This vulnerability stemmed from the ability for malicious scripts to be injected into backup file names,...
WeGIA 操作系统命令注入漏洞
WeGIA is a network manager for a welfare organization developed by Nilson Lazarin. Versions of WeGIA prior to 3.6.5 contained an operating system command injection vulnerability. This vulnerability stemmed from the improper handling of special backup file names by the database recovery function,...
CVE-2024-10028
The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.13 via the exposed process stats file during the backup process. This makes it possible for unauthenticat...