9 matches found
CVE-2025-62179
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/cadastrofuncionariopessoaexistente.php endpoint, specifically in the cpf parameter. This vulnerability allows...
CVE-2025-62179
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/cadastrofuncionariopessoaexistente.php endpoint, specifically in the cpf parameter. This vulnerability allows...
CVE-2025-62179
The CVE concerns WeGIA, an open source Web Manager for Institutions. A SQL injection vulnerability exists in the endpoint /html/funcionario/cadastro_funcionario_pessoa_existente.php, specifically in the cpf parameter, up to version 3.5.0. This flaw allows an attacker to execute arbitrary SQL comm...
CVE-2025-62179 WeGIA SQL Injection via 'cpf' param at endpoint `/html/funcionario/cadastro_funcionario_pessoa_existente.php`
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/cadastrofuncionariopessoaexistente.php endpoint, specifically in the cpf parameter. This vulnerability allows...
WeGIA SQL注入漏洞
WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A SQL injection vulnerability exists in WeGIA versions prior to 3.5.1, which stems from an SQL injection in the cpf parameter in the /html/funcionario/cadastrofuncionariopessoaexistente.php endpoint, whic...
WeGIA 代码注入漏洞
WeGIA is a web manager for welfare organizations. WeGIA suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the parameter Nome/Sobrenome in the file /html/funcionario/cadastrofuncionario.php, for which no detailed...
WeGIA 跨站脚本漏洞
WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A cross-site scripting vulnerability exists in WeGIA version 2.3.6, which stems from the cpf parameter of the cadastrofuncionario.php page containing a reflected cross-site scripting vulnerability...
PT-2025-4782 · Wegia · Wegia
Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.2.7 Description: A Reflected Cross-Site Scripting XSS issue was identified in the "pre cadastro funcionario.php" endpoint of the WeGIA application. This issue allows attackers to inject malicious scripts in the msg e...
WeGIA 跨站脚本漏洞
WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A cross-site scripting vulnerability exists in WeGIA version 2.3.7, which stems from a reflected cross-site scripting vulnerability contained in the msge parameter of the precadastrofuncionario.php page...