12 matches found
EUVD-2025-20267
Malicious code in bioql PyPI...
EUVD-2025-25464
Malicious code in bioql PyPI...
WeGIA SQL Injection Vulnerability (CNVD-2025-17269)
WeGIA is a web manager for welfare organizations. WeGIA suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the /html/saude/profilepaciente.php endpoint idfuncionario parameter. An attacker could exploit this vulnerability...
CVE-2025-53377
WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the cadastro_dependente_pessoa_nova.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the id_funcionario parameter. This...
CVE-2025-53529 WeGIA allows SQL Injection in html/funcionario/profile_funcionario.php (id_funcionario parameter)
WeGIA is a web manager for charitable institutions. An SQL Injection vulnerability was identified in the /html/funcionario/profile_funcionario.php endpoint. The id_funcionario parameter is not properly sanitized or validated before being used in a SQL query, allowing an unauthenticated attacker to...
CVE-2025-53377 WeGIA allows Cross-Site Scripting (XSS) in cadastro_dependente_pessoa_nova.php via the id_funcionario parameter
WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the cadastro_dependente_pessoa_nova.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the id_funcionario parameter. This...
CVE-2025-53377 WeGIA allows Cross-Site Scripting (XSS) in cadastro_dependente_pessoa_nova.php via the id_funcionario parameter
WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the cadastro_dependente_pessoa_nova.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the id_funcionario parameter. This...
CVE-2024-57031
WeGIA 3.2.0 is vulnerable to SQL Injection in /funcionario/remuneracao.php via the id_funcionario parameter...
CVE-2025-30364 WeGIA vulnerable to SQL Injection (Blind Time-Based) in remuneracao.php parameter id_funcionario
WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.2.8 in the endpoint /WeGIA/html/funcionario/remuneracao.php, in the id_funcionario parameter. This vulnerability allows the execution of arbitrary SQL commands, which can...
CVE-2024-57031
WeGIA 3.2.0 is vulnerable to SQL Injection in /funcionario/remuneracao.php via the id_funcionario parameter...
CVE-2024-57031
CVE-2024-57031 affects WeGIA prior to 3.2.0, where an SQL injection is possible in /funcionario/remuneracao.php via the id_funcionario parameter. The CVE entry documents a high-severity impact (CONF/I/A HIGH) with network attack vector and no privileges required, per NVD/CNA metrics. Connected so...
CVE-2024-57031
WeGIA 3.2.0 is vulnerable to SQL Injection in /funcionario/remuneracao.php via the id_funcionario parameter...