CVE-2025-62359

WeGIA, an open source Web Manager, contains a reflected XSS in the /pet/profile_pet.php?id_pet= endpoint prior to version 3.5.0. The root cause is insufficient input validation/escaping of the id_pet parameter, enabling injection of malicious scripts. The vulnerability affects WeGIA up to 3.4.x a...

CVE-2025-61605

WeGIA is an open source web manager with a focus on charitable institutions. Versions 3.4.12 and below contain an SQL Injection vulnerability which was identified in the /pet/profilepet.php endpoint, specifically in the idpet parameter. This vulnerability allows attackers to execute arbitrary SQL...

EUVD-2025-32207

Malicious code in bioql PyPI...

CVE-2025-61605

WeGIA is an open source web manager with a focus on charitable institutions. Versions 3.4.12 and below contain an SQL Injection vulnerability which was identified in the /pet/profilepet.php endpoint, specifically in the idpet parameter. This vulnerability allows attackers to execute arbitrary SQL...

CVE-2025-61605

WeGIA contains an SQL Injection in version 3.4.12 and earlier, exploitable via the id_pet parameter in /pet/profile_pet.php. The root cause is improper handling of that parameter, allowing arbitrary SQL commands and compromising database confidentiality, integrity, and availability. A fix is avai...

CVE-2025-61605 WeGIA: SQL Injection (Blind Time-Based) Vulnerability in /pet/profile_pet.php Endpoint

WeGIA is an open source web manager with a focus on charitable institutions. Versions 3.4.12 and below contain an SQL Injection vulnerability which was identified in the /pet/profilepet.php endpoint, specifically in the idpet parameter. This vulnerability allows attackers to execute arbitrary SQL...

WeGIA 安全漏洞

WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A security vulnerability exists in WeGIA 3.4.12 and earlier versions, which stems from incorrect manipulation of the parameter idpet in the file /pet/profilepet.php, which could lead to a SQL injection...