CVE-2025-55167

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a SQL Injection vulnerability was identified in the /html/funcionario/dependenteremover.php endpoint, specifically in the iddependente parameter. This vulnerability...

The vulnerability of the WeGIA web manager for charitable organizations, which arises due to the failure to take measures to neutralize special elements, allows a violator to execute arbitrary commands.

The vulnerability of the WeGIA web manager exists due to the lack of measures taken to neutralize special elements during the processing of the branch parameter. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands with user privileges of the web server www-data...

Charities and the advertising industry: data ecosystems and privacy risks

Data makes the world go round, more often than not via advertising and its tracking mechanisms. Whether you think making money from large volumes of PII to keep the web ticking over is a good thing, or a sleazy data-grab often encouraging terrible ad practices, it’s not going to go away anytime...

El Paso and Dayton Tragedy-Related Scams and Malware Campaigns

In the wake of the recent shootings in El Paso, TX, and Dayton, OH, the Cybersecurity and Infrastructure Security Agency CISA advises users to watch out for possible malicious cyber activity seeking to capitalize on these tragic events. Users should exercise caution in handling emails related to...

Potential Hurricane Matthew Phishing Scams

US-CERT warns users to remain vigilant for malicious cyber activity seeking to capitalize on interest in Hurricane Matthew. Users are advised to exercise caution in handling any email with subject line, attachments, or hyperlinks related to Hurricane Matthew, even if it appears to originate from ...