9 matches found
CVE-2026-33991
WeGIA is a web manager for charitable institutions. Prior to version 3.6.7, the file html/socio/sistema/deletartag.php uses extract$REQUEST on line 14 and directly concatenates the $idtag variable into SQL queries on lines 16-17 without prepared statements or sanitization. Version 3.6.7 patches t...
CVE-2026-33991 WeGIA has SQL Injection in deletar_tag.php
WeGIA is a web manager for charitable institutions. Prior to version 3.6.7, the file html/socio/sistema/deletartag.php uses extract$REQUEST on line 14 and directly concatenates the $idtag variable into SQL queries on lines 16-17 without prepared statements or sanitization. Version 3.6.7 patches t...
CVE-2026-33991
WeGIA is a web manager for charitable institutions. Prior to version 3.6.7, the file html/socio/sistema/deletartag.php uses extract$REQUEST on line 14 and directly concatenates the $idtag variable into SQL queries on lines 16-17 without prepared statements or sanitization. Version 3.6.7 patches t...
EUVD-2026-16884
WeGIA is a web manager for charitable institutions. Prior to version 3.6.7, the file html/socio/sistema/deletartag.php uses extract$REQUEST on line 14 and directly concatenates the $idtag variable into SQL queries on lines 16-17 without prepared statements or sanitization. Version 3.6.7 patches t...
CVE-2026-33991 WeGIA has SQL Injection in deletar_tag.php
WeGIA is a web manager for charitable institutions. Prior to version 3.6.7, the file html/socio/sistema/deletartag.php uses extract$REQUEST on line 14 and directly concatenates the $idtag variable into SQL queries on lines 16-17 without prepared statements or sanitization. Version 3.6.7 patches t...
CVE-2026-33991 WeGIA has SQL Injection in deletar_tag.php
WeGIA is a web manager for charitable institutions. Prior to version 3.6.7, the file html/socio/sistema/deletartag.php uses extract$REQUEST on line 14 and directly concatenates the $idtag variable into SQL queries on lines 16-17 without prepared statements or sanitization. Version 3.6.7 patches t...
CVE-2026-33991
CVE-2026-33991 affects WeGIA (web manager for charitable institutions). Before version 3.6.7, html/socio/sistema/deletar_tag.php uses extract($_REQUEST) and directly concatenates $id_tag into SQL queries (no prepared statements/sanitization), enabling SQL injection. This results in potential data...
PT-2026-28585
Name of the Vulnerable Software and Affected Versions WeGIA versions prior to 3.6.7 Description WeGIA is a web manager for charitable institutions. Versions prior to 3.6.7 contain a flaw in the html/socio/sistema/deletar tag.php file. This file utilizes the extract$ REQUEST function on line 14, a...
WeGIA SQL注入漏洞
WeGIA is a network manager for the welfare organization developed by Nilson Lazarin. Versions of WeGIA prior to 3.6.7 contained an SQL injection vulnerability. This vulnerability stemmed from incorrect handling of the parameter idtag in the file html/socio/sistema/deletartag.php, which could lead...