97 matches found
EUVD-2025-21890
Malicious code in bioql PyPI...
EUVD-2025-21720
Malicious code in bioql PyPI...
CVE-2025-58454
WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was identified in WeGIA versions 3.4.10 and prior in the endpoint /WeGIA/html/memorando/listardespachos.php, in the idmemorando parameter. This vulnerability allows an authorized attacker to execute arbitrary SQL...
PT-2025-34255 · Wegia · Wegia
Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.7. Description: WeGIA is a Web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability exists in the insere despacho.php endpoint of the WeGIA application. This vulnerability allows...
PT-2025-34256 · Wegia · Wegia
Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.7. Description: WeGIA is a Web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability exists in the cargos.php endpoint of the application. This vulnerability allows attackers to...
CVE-2025-54078
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in versions prior to 3.4.6 in the personalizacao_imagem.php endpoint of the WeGIA application. This vulnerability allows...
CVE-2025-54077
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in versions prior to 3.4.6 in the personalizacao.php endpoint of the WeGIA application. This vulnerability allows attackers to...
CVE-2025-54062
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the /html/funcionario/profiledependente.php endpoint, specifically in the iddependente parameter. This vulnerability...
CVE-2025-53933
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the adicionarenfermidade.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to...
CVE-2025-53934
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the control.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject...
CVE-2025-53935
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the personalizacaoselecao.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers...
CVE-2025-53936
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the personalizacaoselecao.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers...
CVE-2025-53937
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the /controle/control.php endpoint, specifically in the cargo parameter, of WeGIA prior to version 3.4.5. This vulnerability allows attackers to...
CVE-2025-54076
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in versions prior to 3.4.6 in the pre_cadastro_atendido.php endpoint of the WeGIA application. This vulnerability allows attacke...
CVE-2025-54079 WeGIA vulnerable to SQL Injection (Blind Time-Based) in endpoint 'Profile_Atendido.php' parameter 'idatendido'
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the endpoint /html/atendido/Profile_Atendido.php, in the idatendido parameter. This vulnerability allows an authorized...
CVE-2025-54078 WeGIA Reflected Cross-Site Scripting (XSS) vulnerability in endpoint 'personalizacao_imagem.php' parameter 'err'
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in versions prior to 3.4.6 in the personalizacao_imagem.php endpoint of the WeGIA application. This vulnerability allows...
CVE-2025-54077
WeGIA is an open-source web manager vulnerable to a reflected XSS in the personalizacao.php endpoint. The flaw affects versions prior to 3.4.6 and allows an attacker to inject scripts via the err parameter. The issue originates from insufficient input handling in that endpoint, with the documente...
CVE-2025-54077 WeGIA Reflected Cross-Site Scripting (XSS) vulnerability in endpoint 'personalizacao.php' parameter 'err'
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in versions prior to 3.4.6 in the personalizacao.php endpoint of the WeGIA application. This vulnerability allows attackers to...
CVE-2025-54076 WeGIA Reflected Cross-Site Scripting (XSS) vulnerability in endpoint 'pre_cadastro_atendido.php' parameter 'msg_e'
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in versions prior to 3.4.6 in the pre_cadastro_atendido.php endpoint of the WeGIA application. This vulnerability allows attacke...
CVE-2025-54060 WeGIA SQL Injection (Blind Time-Based) Vulnerability in idatendido_familiares Parameter on dependente_editarInfoPessoal.php Endpoint
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the idatendido_familiares parameter of the /html/funcionario/dependente_editarInfoPessoal.php endpoint. This...