18 matches found
CVE-2025-61603
WeGIA is a Web manager for charitable institutions. Versions 3.4.12 and below include an SQL Injection vulnerability which was identified in the /controle/control.php endpoint, specifically in the descricao parameter. This vulnerability allows attackers to execute arbitrary SQL commands,...
CVE-2025-61603
WeGIA is a Web manager for charitable institutions. Versions 3.4.12 and below include an SQL Injection vulnerability which was identified in the /controle/control.php endpoint, specifically in the descricao parameter. This vulnerability allows attackers to execute arbitrary SQL commands,...
CVE-2025-61603
WeGIA (web manager for charitable institutions) versions 3.4.12 and earlier contain an SQL Injection in /controle/control.php via the descricao parameter, enabling attackers to execute arbitrary SQL commands and compromise database confidentiality, integrity, and availability. The issue is fixed ...
CVE-2025-61603 WeGIA: SQL Injection (Blind Time-Based) Vulnerability in API `descricao` Parameter
WeGIA is a Web manager for charitable institutions. Versions 3.4.12 and below include an SQL Injection vulnerability which was identified in the /controle/control.php endpoint, specifically in the descricao parameter. This vulnerability allows attackers to execute arbitrary SQL commands,...
CVE-2025-61603 WeGIA: SQL Injection (Blind Time-Based) Vulnerability in API `descricao` Parameter
WeGIA is a Web manager for charitable institutions. Versions 3.4.12 and below include an SQL Injection vulnerability which was identified in the /controle/control.php endpoint, specifically in the descricao parameter. This vulnerability allows attackers to execute arbitrary SQL commands,...
CVE-2025-61603 WeGIA: SQL Injection (Blind Time-Based) Vulnerability in API `descricao` Parameter
WeGIA is a Web manager for charitable institutions. Versions 3.4.12 and below include an SQL Injection vulnerability which was identified in the /controle/control.php endpoint, specifically in the descricao parameter. This vulnerability allows attackers to execute arbitrary SQL commands,...
PT-2025-40424
Name of the Vulnerable Software and Affected Versions WeGIA versions 3.4.12 and below Description WeGIA is a Web manager for charitable institutions. A SQL Injection issue exists in the /controle/control.php endpoint, specifically in the descricao parameter. This allows attackers to execute...
WeGIA 安全漏洞
WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A security vulnerability exists in WeGIA 3.4.12 and earlier versions, which stems from insufficient validation of the parameter descricao in the file /controle/control.php, which could lead to an SQL...
CVE-2024-46079
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting XSS in projnew.php via the Descricao parameter...
WeGIA 跨站脚本漏洞
WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. WeGIA has a cross-site scripting vulnerability that stems from a stored cross-site scripting vulnerability contained in the descricao parameter of the informacaoadicional.php file...
PT-2025-4602 · Wegia · Wegia
Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.2.6 Description: A Stored Cross-Site Scripting XSS vulnerability was identified in the dependente parentesco adicionar.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious...
PT-2025-4599 · Wegia · Wegia
Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.2.6 Description: A Stored Cross-Site Scripting XSS vulnerability was identified in the informacao adicional.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into...
PT-2025-4784 · Wegia · Wegia
Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.2.6 Description: A Stored Cross-Site Scripting XSS vulnerability was identified in the remuneracao.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the...
CVE-2024-46079
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting XSS in projnew.php via the Descricao parameter...
CVE-2024-46079
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting XSS in projnew.php via the Descricao parameter...
CVE-2024-46079
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting XSS in projnew.php via the Descricao parameter...
CVE-2024-46079
Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting XSS in projnew.php via the Descricao parameter...
CVE-2024-46079
Affected product: Scriptcase v9.10.023 and earlier. Vulnerability: Cross Site Scripting (XSS) in proj_new.php via the Descricao parameter. Root cause / nature: XSS exposure reported across multiple sources; CVSS 3.1 base score 6.1 (Medium) with Network attack vector, low attack complexity, no pri...