4 matches found
CVE-2025-59939 WeGIA vulnerable to SQL Injection into method `excluir` of the `ProdutoControle` class in the parameter `id_produto`.
WeGIA is a Web manager for charitable institutions. Prior to version 3.5.0, WeGIA is vulnerable to SQL Injection attacks in the control.php endpoint with the following parameters: nomeClasse=ProdutoControle&metodo=excluir&idproduto=malicious command. It is necessary to apply prepared statements...
CVE-2025-59939
WeGIA (Web manager for charitable institutions) prior to version 3.5.0 is vulnerable to SQL Injection in the control.php endpoint via id_produto, where malicious command input through the id_produto parameter can exploit the site. The root cause is lack of proper sanitization and validation; the ...
CVE-2025-59939 WeGIA vulnerable to SQL Injection into method `excluir` of the `ProdutoControle` class in the parameter `id_produto`.
WeGIA is a Web manager for charitable institutions. Prior to version 3.5.0, WeGIA is vulnerable to SQL Injection attacks in the control.php endpoint with the following parameters: nomeClasse=ProdutoControle&metodo=excluir&idproduto=malicious command. It is necessary to apply prepared statements...
WeGIA 访问控制错误漏洞
WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. WeGIA has an access control error vulnerability that originates from the documentoexcluir.php page of the WeGIA application instance containing a SQL injection vulnerability...