8 matches found
CVE-2025-62360
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users.Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/dependentedocumento.php endpoint, specifically in the iddependente parameter. This vulnerability allows attackers to...
CVE-2025-62360 WeGIA SQL Injection via 'id_dependente' param at endpoint `/html/funcionario/dependente_documento.php`
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users.Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/dependentedocumento.php endpoint, specifically in the iddependente parameter. This vulnerability allows attackers to...
CVE-2025-55167
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a SQL Injection vulnerability was identified in the /html/funcionario/dependenteremover.php endpoint, specifically in the iddependente parameter. This vulnerability...
CVE-2025-55167 WeGIA SQL Injection via id_fichamedica at endpoint `GET/html/funcionario/dependente_remover.php`
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a SQL Injection vulnerability was identified in the /html/funcionario/dependenteremover.php endpoint, specifically in the iddependente parameter. This vulnerability...
PT-2025-32690 · Wegia · Wegia
Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.8 Description: WeGIA is an open-source web manager designed for the Portuguese language and charitable institutions. A SQL Injection vulnerability exists in the /html/funcionario/dependente remover.php API endpoint...
WeGIA SQL注入漏洞
WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A SQL injection vulnerability exists in WeGIA versions prior to 3.4.8, which stems from a SQL injection in the /html/funcionario/dependenteremover.php endpoint iddependente parameter, which could lead to ...
WeGIA SQL Injection Vulnerability (CNVD-2025-17268)
WeGIA is a web manager for welfare organizations. WeGIA suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the /html/funcionario/profiledependente.php endpoint iddependente parameter. An attacker could exploit this...
WeGIA Cross-Site Scripting Vulnerability (CNVD-2025-17293)
WeGIA is a web manager for welfare organizations. WeGIA suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the iddependente parameter in the profilefamiliar.php endpoint, no details of the vulnerability are...