15 matches found
EUVD-2025-34093
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users.Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/dependentedocumento.php endpoint, specifically in the iddependente parameter. This vulnerability allows attackers to...
CVE-2025-62360 WeGIA SQL Injection via 'id_dependente' param at endpoint `/html/funcionario/dependente_documento.php`
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users.Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/dependentedocumento.php endpoint, specifically in the iddependente parameter. This vulnerability allows attackers to...
CVE-2025-62360 WeGIA SQL Injection via 'id_dependente' param at endpoint `/html/funcionario/dependente_documento.php`
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users.Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/dependentedocumento.php endpoint, specifically in the iddependente parameter. This vulnerability allows attackers to...
EUVD-2025-20293
Malicious code in bioql PyPI...
CVE-2025-54062
Summary: CVE-2025-54062 affects WeGIA, an open source web manager. A SQL Injection flaw exists in versions prior to 3.4.6 in the /html/funcionario/profile_dependente.php endpoint, specifically in the id_dependente parameter. Root cause is lack of input validation for externally supplied SQL state...
CVE-2025-54062 WeGIA SQL Injection (Blind Time-Based) Vulnerability in id_dependente Parameter on profile_dependente.php Endpoint
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the /html/funcionario/profiledependente.php endpoint, specifically in the iddependente parameter. This vulnerability...
CVE-2025-53525
WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the profilefamiliar.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the iddependente parameter. This vulnerability is...
CVE-2025-53525
The CVE-2025-53525 entry concerns WeGIA, a web manager for charitable organizations. A concrete vulnerability exists in the profile_familiar.php endpoint where the id_dependente parameter enables reflected Cross-Site Scripting (XSS). The root cause is insufficient filtering/escaping of user-suppl...
CVE-2025-53525 WebGia allows Cross-Site Scripting (XSS) in profile_familiar.php via the id_dependente parameter
WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the profilefamiliar.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the iddependente parameter. This vulnerability is...
CVE-2025-53525 WebGia allows Cross-Site Scripting (XSS) in profile_familiar.php via the id_dependente parameter
WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the profilefamiliar.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the iddependente parameter. This vulnerability is...
CVE-2025-53525 WebGia allows Cross-Site Scripting (XSS) in profile_familiar.php via the id_dependente parameter
WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the profilefamiliar.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the iddependente parameter. This vulnerability is...
WeGIA 跨站脚本漏洞
WeGIA is a web manager for welfare organizations. WeGIA suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data by the iddependente parameter in the profilefamiliar.php endpoint, no details of the vulnerability are...
CVE-2025-22140
WeGIA is a web manager for charitable institutions. A SQL Injection vulnerability was identified in the /html/funcionario/dependentelistarum.php endpoint, specifically in the iddependente parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the...
CVE-2025-22140 WeGIA SQL Injection (Blind Time-Based) endpoint 'dependente_listar_um.php' parameter 'id_dependente'
WeGIA is a web manager for charitable institutions. A SQL Injection vulnerability was identified in the /html/funcionario/dependentelistarum.php endpoint, specifically in the iddependente parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the...
CVE-2025-22140 WeGIA SQL Injection (Blind Time-Based) endpoint 'dependente_listar_um.php' parameter 'id_dependente'
WeGIA is a web manager for charitable institutions. A SQL Injection vulnerability was identified in the /html/funcionario/dependentelistarum.php endpoint, specifically in the iddependente parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the...