CVE-2026-23727 WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarTodos, nomeClasse=TipoSaidaControle)

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos and nomeClasse=TipoSaidaControl...

The vulnerability of the control.php script of the WeGIA web manager allows a hacker to execute arbitrary code.

The vulnerability of the control.php script of the WeGIA web manager is related to the failure to protect the SQL query structure when processing the cargo parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2025-53821 WeGIA vulnerable to Open Redirect in endpoint 'control.php' parameter 'nextPage'

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. An Open Redirect vulnerability exists in the web application prior to version 3.4.5. The control.php endpoint allows to specify an arbitrary URL via the nextPage parameter, leading to an...

PT-2025-29863 · Wegia · Wegia

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.5 Description: WeGIA is an open-source web manager designed for Portuguese-language use and charitable institutions. A Stored Cross-Site Scripting XSS vulnerability exists in the control.php endpoint. This allows...

蝉知企业门户 control.php 任意文件读取漏洞

No description provided by source...