62 matches found
CVE-2026-23725
WeGIA is a web manager for charitable institutions. Prior to 3.6.2, a Stored Cross-Site Scripting XSS vulnerability was identified in the html/pet/adotantes/cadastroadotante.php and html/pet/adotantes/informacaoadotantes.php endpoint of the WeGIA application. The application does not sanitize...
PT-2026-3308
WeGIA is a web manager for charitable institutions. Prior to 3.6.2, a Stored Cross-Site Scripting XSS vulnerability was identified in the html/atendido/cadastro ocorrencia.php endpoint of the WeGIA application. The application does not sanitize user-controlled data before rendering it inside the...
WeGIA Cross-Site Script Vulnerabilities
WeGIA is a web manager for welfare institutions developed by Nilson Lazarin as an individual project. Versions of WeGIA prior to 3.6.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from the fact that the user-controlled data was not cleared before rendering the...
CVE-2025-62179
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/cadastrofuncionariopessoaexistente.php endpoint, specifically in the cpf parameter. This vulnerability allows...
CVE-2025-62178
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a Reflected Cross-Site Scripting XSS vulnerability was identified in the /html/atendido/cadastroatendidoparentescopessoanova.php endpoint of the WeGIA application. This vulnerability...
CVE-2025-62179
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/cadastrofuncionariopessoaexistente.php endpoint, specifically in the cpf parameter. This vulnerability allows...
CVE-2025-62178
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a Reflected Cross-Site Scripting XSS vulnerability was identified in the /html/atendido/cadastroatendidoparentescopessoanova.php endpoint of the WeGIA application. This vulnerability...
CVE-2025-62179
The CVE concerns WeGIA, an open source Web Manager for Institutions. A SQL injection vulnerability exists in the endpoint /html/funcionario/cadastro_funcionario_pessoa_existente.php, specifically in the cpf parameter, up to version 3.5.0. This flaw allows an attacker to execute arbitrary SQL comm...
CVE-2025-62179 WeGIA SQL Injection via 'cpf' param at endpoint `/html/funcionario/cadastro_funcionario_pessoa_existente.php`
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/cadastrofuncionariopessoaexistente.php endpoint, specifically in the cpf parameter. This vulnerability allows...
CVE-2025-62179 WeGIA SQL Injection via 'cpf' param at endpoint `/html/funcionario/cadastro_funcionario_pessoa_existente.php`
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/cadastrofuncionariopessoaexistente.php endpoint, specifically in the cpf parameter. This vulnerability allows...
CVE-2025-62178 WeGIA Cross-Site Scripting (XSS) Reflected endpoint '/html/atendido/cadastro_atendido_parentesco_pessoa_nova.php' parameter 'idatendido'
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a Reflected Cross-Site Scripting XSS vulnerability was identified in the /html/atendido/cadastroatendidoparentescopessoanova.php endpoint of the WeGIA application. This vulnerability...
CVE-2025-62178 WeGIA Cross-Site Scripting (XSS) Reflected endpoint '/html/atendido/cadastro_atendido_parentesco_pessoa_nova.php' parameter 'idatendido'
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a Reflected Cross-Site Scripting XSS vulnerability was identified in the /html/atendido/cadastroatendidoparentescopessoanova.php endpoint of the WeGIA application. This vulnerability...
EUVD-2025-34102
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a Reflected Cross-Site Scripting XSS vulnerability was identified in the /html/atendido/cadastroatendidoparentescopessoanova.php endpoint of the WeGIA application. This vulnerability...
CVE-2025-62178
WeGIA (open source Web Manager for Institutions) prior to version 3.5.1 is affected by a Reflected XSS in the endpoint /html/atendido/cadastro_atendido_parentesco_pessoa_nova.php, where the idatendido parameter can be exploited to inject scripts. The vulnerability, described across multiple sourc...
PT-2025-41817
Name of the Vulnerable Software and Affected Versions WeGIA versions prior to 3.5.1 Description WeGIA is a Web Manager for Institutions. A SQL Injection issue exists in the /html/funcionario/cadastro funcionario pessoa existente.php API endpoint, specifically affecting the cpf parameter. Successf...
WeGIA 跨站脚本漏洞
WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A cross-site scripting vulnerability exists in WeGIA versions prior to 3.5.1, which originates from an unvalidated entry of the idatendido parameter in the...
WeGIA SQL注入漏洞
WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A SQL injection vulnerability exists in WeGIA versions prior to 3.5.1, which stems from an SQL injection in the cpf parameter in the /html/funcionario/cadastrofuncionariopessoaexistente.php endpoint, whic...
EUVD-2025-25482
Malicious code in bioql PyPI...
EUVD-2024-27428
Malicious code in bioql PyPI...
EUVD-2025-30871
Malicious code in bioql PyPI...