CVE-2026-33991

WeGIA is a web manager for charitable institutions. Prior to version 3.6.7, the file html/socio/sistema/deletartag.php uses extract$REQUEST on line 14 and directly concatenates the $idtag variable into SQL queries on lines 16-17 without prepared statements or sanitization. Version 3.6.7 patches t...

WeGIA SQL注入漏洞

WeGIA is a network manager for the welfare organization developed by Nilson Lazarin. Versions of WeGIA prior to 3.6.7 contained an SQL injection vulnerability. This vulnerability stemmed from incorrect handling of the parameter idtag in the file html/socio/sistema/deletartag.php, which could lead...