27 matches found
CVE-2025-62179
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/cadastrofuncionariopessoaexistente.php endpoint, specifically in the cpf parameter. This vulnerability allows...
CVE-2025-62179
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/cadastrofuncionariopessoaexistente.php endpoint, specifically in the cpf parameter. This vulnerability allows...
CVE-2025-62179 WeGIA SQL Injection via 'cpf' param at endpoint `/html/funcionario/cadastro_funcionario_pessoa_existente.php`
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/cadastrofuncionariopessoaexistente.php endpoint, specifically in the cpf parameter. This vulnerability allows...
EUVD-2025-34097
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/cadastrofuncionariopessoaexistente.php endpoint, specifically in the cpf parameter. This vulnerability allows...
CVE-2025-62179 WeGIA SQL Injection via 'cpf' param at endpoint `/html/funcionario/cadastro_funcionario_pessoa_existente.php`
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/cadastrofuncionariopessoaexistente.php endpoint, specifically in the cpf parameter. This vulnerability allows...
CVE-2025-62179
The CVE concerns WeGIA, an open source Web Manager for Institutions. A SQL injection vulnerability exists in the endpoint /html/funcionario/cadastro_funcionario_pessoa_existente.php, specifically in the cpf parameter, up to version 3.5.0. This flaw allows an attacker to execute arbitrary SQL comm...
WeGIA SQL注入漏洞
WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A SQL injection vulnerability exists in WeGIA versions prior to 3.5.1, which stems from an SQL injection in the cpf parameter in the /html/funcionario/cadastrofuncionariopessoaexistente.php endpoint, whic...
PT-2025-41817
Name of the Vulnerable Software and Affected Versions WeGIA versions prior to 3.5.1 Description WeGIA is a Web Manager for Institutions. A SQL Injection issue exists in the /html/funcionario/cadastro funcionario pessoa existente.php API endpoint, specifically affecting the cpf parameter. Successf...
EUVD-2025-6771
Malicious code in bioql PyPI...
EUVD-2025-3081
Malicious code in bioql PyPI...
The vulnerability of the cadastro_adotante.php web manager of WeGIA allows attackers to perform cross-site scripting attacks (XSS).
The vulnerability of the cadastroadotante.php script of the WeGIA web manager is related to the lack of measures taken to protect the structure of the web page when processing the cpf parameter. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS...
CVE-2025-53932
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the cadastroadotante.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to...
CVE-2025-53932
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the cadastroadotante.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to...
CVE-2025-53932 WeGIA vulnerable to Reflected Cross-Site Scripting via endpoint 'cadastro_adotante.php' parameter 'cpf'
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the cadastroadotante.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to...
CVE-2025-53932 WeGIA vulnerable to Reflected Cross-Site Scripting via endpoint 'cadastro_adotante.php' parameter 'cpf'
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the cadastroadotante.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to...
WeGIA 跨站脚本漏洞
WeGIA is a web manager for welfare organizations from the individual developer Nilson Lazarin. WeGIA suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the cadastroadotante.php endpoint cpf parameter, no details ...
CVE-2025-26163
CM Soluces Informatica Ltda Auto Atendimento 1.x.x was discovered to contain a SQL injection via the CPF parameter...
CVE-2025-26163
CVE-2025-26163 affects CM Soluces Informatica Ltda Auto Atendimento 1.x.x and is a SQL injection via the CPF parameter. The CVSS 3.1 base score is 9.8 (CRITICAL) with Network access, low attack complexity, no privileges required, no user interaction, and impact high on confidentiality, integrity,...
CVE-2025-26163
CM Soluces Informatica Ltda Auto Atendimento 1.x.x was discovered to contain a SQL injection via the CPF parameter...
AT Software Solutions ATSVD 注入漏洞
AT Software Solutions ATSVD is an application from the Brazilian company AT Software Solutions. An injection vulnerability exists in AT Software Solutions ATSVD version 3.4.1 and earlier, which stems from an incorrect manipulation of the parameter txtCPF that can lead to SQL injection...