Lucene search
K

18 matches found

RedhatCVE
RedhatCVE
added 2025/10/03 8:57 p.m.13 views

CVE-2025-61603

WeGIA is a Web manager for charitable institutions. Versions 3.4.12 and below include an SQL Injection vulnerability which was identified in the /controle/control.php endpoint, specifically in the descricao parameter. This vulnerability allows attackers to execute arbitrary SQL commands,...

9.4CVSS8.2AI score0.00397EPSS
Exploits1References1
NVD
NVD
added 2025/10/02 8:15 p.m.12 views

CVE-2025-61603

WeGIA is a Web manager for charitable institutions. Versions 3.4.12 and below include an SQL Injection vulnerability which was identified in the /controle/control.php endpoint, specifically in the descricao parameter. This vulnerability allows attackers to execute arbitrary SQL commands,...

9.8CVSS0.00397EPSS
Exploits1References2
CVE
CVE
added 2025/10/02 7:53 p.m.12 views

CVE-2025-61603

WeGIA (web manager for charitable institutions) versions 3.4.12 and earlier contain an SQL Injection in /controle/control.php via the descricao parameter, enabling attackers to execute arbitrary SQL commands and compromise database confidentiality, integrity, and availability. The issue is fixed ...

9.8CVSS7.8AI score0.00397EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/02 7:53 p.m.5 views

CVE-2025-61603 WeGIA: SQL Injection (Blind Time-Based) Vulnerability in API `descricao` Parameter

WeGIA is a Web manager for charitable institutions. Versions 3.4.12 and below include an SQL Injection vulnerability which was identified in the /controle/control.php endpoint, specifically in the descricao parameter. This vulnerability allows attackers to execute arbitrary SQL commands,...

9.4CVSS7.8AI score0.00397EPSS
Exploits1References2
OSV
OSV
added 2025/10/02 7:53 p.m.4 views

CVE-2025-61603 WeGIA: SQL Injection (Blind Time-Based) Vulnerability in API `descricao` Parameter

WeGIA is a Web manager for charitable institutions. Versions 3.4.12 and below include an SQL Injection vulnerability which was identified in the /controle/control.php endpoint, specifically in the descricao parameter. This vulnerability allows attackers to execute arbitrary SQL commands,...

9.4CVSS8.2AI score0.00397EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/10/02 7:53 p.m.13 views

CVE-2025-61603 WeGIA: SQL Injection (Blind Time-Based) Vulnerability in API `descricao` Parameter

WeGIA is a Web manager for charitable institutions. Versions 3.4.12 and below include an SQL Injection vulnerability which was identified in the /controle/control.php endpoint, specifically in the descricao parameter. This vulnerability allows attackers to execute arbitrary SQL commands,...

9.4CVSS0.00397EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/10/02 12:0 a.m.4 views

PT-2025-40424

Name of the Vulnerable Software and Affected Versions WeGIA versions 3.4.12 and below Description WeGIA is a Web manager for charitable institutions. A SQL Injection issue exists in the /controle/control.php endpoint, specifically in the descricao parameter. This allows attackers to execute...

9.4CVSS8AI score0.00397EPSS
Exploits1References9
CNNVD
CNNVD
added 2025/10/02 12:0 a.m.3 views

WeGIA 安全漏洞

WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A security vulnerability exists in WeGIA 3.4.12 and earlier versions, which stems from insufficient validation of the parameter descricao in the file /controle/control.php, which could lead to an SQL...

9.8CVSS7.4AI score0.00397EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 10:38 a.m.5 views

CVE-2024-46079

Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting XSS in projnew.php via the Descricao parameter...

6.1CVSS6.1AI score0.00319EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/01/13 12:0 a.m.2 views

WeGIA 跨站脚本漏洞

WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. WeGIA has a cross-site scripting vulnerability that stems from a stored cross-site scripting vulnerability contained in the descricao parameter of the informacaoadicional.php file...

6.4CVSS5.9AI score0.0034EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/01/13 12:0 a.m.6 views

PT-2025-4602 · Wegia · Wegia

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.2.6 Description: A Stored Cross-Site Scripting XSS vulnerability was identified in the dependente parentesco adicionar.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious...

6.4CVSS5.6AI score0.00273EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2025/01/13 12:0 a.m.4 views

PT-2025-4599 · Wegia · Wegia

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.2.6 Description: A Stored Cross-Site Scripting XSS vulnerability was identified in the informacao adicional.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into...

6.4CVSS5.6AI score0.0034EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2025/01/13 12:0 a.m.7 views

PT-2025-4784 · Wegia · Wegia

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.2.6 Description: A Stored Cross-Site Scripting XSS vulnerability was identified in the remuneracao.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the...

6.4CVSS5.6AI score0.00273EPSS
Exploits1References7
OSV
OSV
added 2024/10/01 7:15 p.m.2 views

CVE-2024-46079

Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting XSS in projnew.php via the Descricao parameter...

6.1CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2024/10/01 7:15 p.m.9 views

CVE-2024-46079

Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting XSS in projnew.php via the Descricao parameter...

6.1CVSS0.00319EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/10/01 12:0 a.m.10 views

CVE-2024-46079

Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting XSS in projnew.php via the Descricao parameter...

6.1AI score0.00319EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/10/01 12:0 a.m.13 views

CVE-2024-46079

Scriptcase v9.10.023 and before is vulnerable to Cross Site Scripting XSS in projnew.php via the Descricao parameter...

0.00319EPSS
Exploits1References1
CVE
CVE
added 2024/10/01 12:0 a.m.50 views

CVE-2024-46079

Affected product: Scriptcase v9.10.023 and earlier. Vulnerability: Cross Site Scripting (XSS) in proj_new.php via the Descricao parameter. Root cause / nature: XSS exposure reported across multiple sources; CVSS 3.1 base score 6.1 (Medium) with Network attack vector, low attack complexity, no pri...

6.1CVSS5.8AI score0.00319EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder