Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/26 10:19 p.m.26 views

CVE-2025-27140

WeGIA is a Web manager for charitable institutions. An OS Command Injection vulnerability was discovered in versions prior to 3.2.15 of the WeGIA application, importardump.php endpoint. This vulnerability could allow an attacker to execute arbitrary code remotely. The command is basically a comma...

10CVSS8.1AI score0.03021EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/02/24 9:21 p.m.8 views

CVE-2025-27140 WeGIA vulnerable to OS Command Injection at endpoint 'importar_dump.php' parameter 'import' (RCE)

WeGIA is a Web manager for charitable institutions. An OS Command Injection vulnerability was discovered in versions prior to 3.2.15 of the WeGIA application, importardump.php endpoint. This vulnerability could allow an attacker to execute arbitrary code remotely. The command is basically a comma...

10CVSS7.9AI score0.03021EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/02/24 9:21 p.m.13 views

CVE-2025-27140 WeGIA vulnerable to OS Command Injection at endpoint 'importar_dump.php' parameter 'import' (RCE)

WeGIA is a Web manager for charitable institutions. An OS Command Injection vulnerability was discovered in versions prior to 3.2.15 of the WeGIA application, importardump.php endpoint. This vulnerability could allow an attacker to execute arbitrary code remotely. The command is basically a comma...

10CVSS0.03021EPSS
Exploits1References2
CVE
CVE
added 2025/02/24 9:21 p.m.90 views

CVE-2025-27140

WeGIA (web manager for charitable institutions) is affected by an OS Command Injection in versions prior to 3.2.15, specifically via the importar_dump.php endpoint. The vulnerability allows remote code execution and could enable uploading a webshell by moving or manipulating a temporary file. Ver...

10CVSS8.5AI score0.03021EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder