Lucene search
K

265 matches found

RedhatCVE
RedhatCVE
added 2025/07/18 5:58 p.m.9 views

CVE-2025-53937

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the /controle/control.php endpoint, specifically in the cargo parameter, of WeGIA prior to version 3.4.5. This vulnerability allows attackers to...

9.8CVSS7.9AI score0.00462EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/07/18 5:58 p.m.15 views

CVE-2025-53935

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the personalizacaoselecao.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers...

6.4CVSS5.5AI score0.00271EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/07/18 5:58 p.m.9 views

CVE-2025-53936

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the personalizacaoselecao.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers...

6.4CVSS5.5AI score0.00271EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/07/18 5:58 p.m.7 views

CVE-2025-53934

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting XSS vulnerability was identified in the control.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject...

6.4CVSS5.2AI score0.0025EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/07/18 5:58 p.m.7 views

CVE-2025-53933

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting XSS vulnerability was identified in the adicionarenfermidade.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to...

6.4CVSS5.2AI score0.0025EPSS
Exploits1References1
NVD
NVD
added 2025/07/18 4:15 p.m.14 views

CVE-2025-54076

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in versions prior to 3.4.6 in the precadastroatendido.php endpoint of the WeGIA application. This vulnerability allows attacke...

6.5CVSS0.0024EPSS
Exploits1References1
OSV
OSV
added 2025/07/18 3:56 p.m.4 views

CVE-2025-54079 WeGIA vulnerable to SQL Injection (Blind Time-Based) in endpoint 'Profile_Atendido.php' parameter 'idatendido'

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the endpoint /html/atendido/ProfileAtendido.php, in the idatendido parameter. This vulnerability allow an authorized...

9.4CVSS8.1AI score0.00371EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/07/18 3:55 p.m.3 views

CVE-2025-54078 WeGIA Reflected Cross-Site Scripting (XSS) vulnerability in endpoint 'personalizacao_imagem.php' parameter 'err'

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in versions prior to 3.4.6 in the personalizacaoimagem.php endpoint of the WeGIA application. This vulnerability allows...

6.5CVSS5.9AI score0.0024EPSS
Exploits1References1
CVE
CVE
added 2025/07/18 3:53 p.m.19 views

CVE-2025-54077

WeGIA is an open-source web manager vulnerable to a reflected XSS in the personalizacao.php endpoint. The flaw affects versions prior to 3.4.6 and allows an attacker to inject scripts via the err parameter. The issue originates from insufficient input handling in that endpoint, with the documente...

6.5CVSS5.5AI score0.0024EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2025/07/18 3:53 p.m.5 views

CVE-2025-54077 WeGIA Reflected Cross-Site Scripting (XSS) vulnerability in endpoint 'personalizacao.php' parameter 'err'

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in versions prior to 3.4.6 in the personalizacao.php endpoint of the WeGIA application. This vulnerability allows attackers to...

6.5CVSS5.6AI score0.0024EPSS
Exploits1References3
OSV
OSV
added 2025/07/18 3:50 p.m.5 views

CVE-2025-54076 WeGIA Reflected Cross-Site Scripting (XSS) vulnerability in endpoint 'pre_cadastro_atendido.php' parameter 'msg_e'

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in versions prior to 3.4.6 in the precadastroatendido.php endpoint of the WeGIA application. This vulnerability allows attacke...

6.5CVSS5.7AI score0.0024EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/07/17 2:17 p.m.9 views

CVE-2025-54060 WeGIA SQL Injection (Blind Time-Based) Vulnerability in idatendido_familiares Parameter on dependente_editarInfoPessoal.php Endpoint

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the idatendidofamiliares parameter of the /html/funcionario/dependenteeditarInfoPessoal.php endpoint. This...

9.4CVSS0.00458EPSS
Exploits1References1
OSV
OSV
added 2025/07/17 2:2 p.m.4 views

CVE-2025-53946 WeGIA vulnerable to SQL Injection in endpoint profile_paciente.php parameter id_fichamedica

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.5 in the idfuncionario parameter of the /html/saude/profilepaciente.php endpoint. This vulnerability allows attacker to...

9.4CVSS7.5AI score0.00371EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/07/17 12:0 a.m.3 views

PT-2025-30057 · Wegia · Wegia

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.6 Description: WeGIA is an open source web manager designed for the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability exists in the personalizacao.php endpoint...

7.8CVSS5.5AI score0.0024EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2025/07/17 12:0 a.m.3 views

PT-2025-30058 · Wegia · Wegia

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.6 Description: WeGIA is an open source web manager designed for the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability exists that allows attackers to inject malicio...

7.8CVSS5.5AI score0.0024EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2025/07/16 11:1 p.m.11 views

CVE-2025-53822

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the relatoriogeracao.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to...

6.5CVSS6AI score0.0024EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/07/16 11:1 p.m.10 views

CVE-2025-53821

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. An Open Redirect vulnerability exists in the web application prior to version 3.4.5. The control.php endpoint allows to specify an arbitrary URL via the nextPage parameter, leading to an...

6.1CVSS7.3AI score0.00223EPSS
Exploits1References1
OSV
OSV
added 2025/07/16 4:3 p.m.3 views

CVE-2025-53937 WeGIA has SQL Injection (Blind Time-Based) Vulnerability in `cargo` Parameter on `control.php` Endpoint

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the /controle/control.php endpoint, specifically in the cargo parameter, of WeGIA prior to version 3.4.5. This vulnerability allows attackers to...

9.4CVSS8.2AI score0.00462EPSS
Exploits1References3
OSV
OSV
added 2025/07/16 4:1 p.m.6 views

CVE-2025-53936 WeGIA vulnerable to Reflected Cross-Site Scripting via endpoint `personalizacao_selecao.php` parameter `nome_car`

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the personalizacaoselecao.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers...

6.4CVSS5.8AI score0.00271EPSS
Exploits1References3
CVE
CVE
added 2025/07/16 3:56 p.m.18 views

CVE-2025-53933

CVE-2025-53933 affects the WeGIA open-source web manager. A stored XSS vulnerability exists in the adicionar_enfermidade.php endpoint, where user input in the nome parameter can be stored on the server and later executed when affected pages are accessed. Affected versions are those prior to 3.4.5...

6.4CVSS5.2AI score0.0025EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder