Lucene search
+L

7 matches found

cve
cve
added 2025/10/13 9:21 p.m.18 views

CVE-2025-62359

WeGIA, an open source Web Manager, contains a reflected XSS in the /pet/profile_pet.php?id_pet= endpoint prior to version 3.5.0. The root cause is insufficient input validation/escaping of the id_pet parameter, enabling injection of malicious scripts. The vulnerability affects WeGIA up to 3.4.x a...

6.1CVSS5.4AI score0.00219EPSS
Exploits1References3Affected Software1
redhatcve
redhatcve
added 2025/10/03 8:57 p.m.14 views

CVE-2025-61605

WeGIA is an open source web manager with a focus on charitable institutions. Versions 3.4.12 and below contain an SQL Injection vulnerability which was identified in the /pet/profilepet.php endpoint, specifically in the idpet parameter. This vulnerability allows attackers to execute arbitrary SQL...

9.4CVSS8.2AI score0.00397EPSS
Exploits1References1
euvd
euvd
added 2025/10/03 8:7 p.m.8 views

EUVD-2025-32207

Malicious code in bioql PyPI...

9.4CVSS6.5AI score0.00397EPSS
Exploits1References2
nvd
nvd
added 2025/10/02 9:16 p.m.19 views

CVE-2025-61605

WeGIA is an open source web manager with a focus on charitable institutions. Versions 3.4.12 and below contain an SQL Injection vulnerability which was identified in the /pet/profilepet.php endpoint, specifically in the idpet parameter. This vulnerability allows attackers to execute arbitrary SQL...

9.8CVSS0.00397EPSS
Exploits1References2
cve
cve
added 2025/10/02 8:13 p.m.13 views

CVE-2025-61605

WeGIA contains an SQL Injection in version 3.4.12 and earlier, exploitable via the id_pet parameter in /pet/profile_pet.php. The root cause is improper handling of that parameter, allowing arbitrary SQL commands and compromising database confidentiality, integrity, and availability. A fix is avai...

9.8CVSS7.8AI score0.00397EPSS
Exploits1References2Affected Software1
osv
osv
added 2025/10/02 8:13 p.m.7 views

CVE-2025-61605 WeGIA: SQL Injection (Blind Time-Based) Vulnerability in /pet/profile_pet.php Endpoint

WeGIA is an open source web manager with a focus on charitable institutions. Versions 3.4.12 and below contain an SQL Injection vulnerability which was identified in the /pet/profilepet.php endpoint, specifically in the idpet parameter. This vulnerability allows attackers to execute arbitrary SQL...

9.4CVSS8.2AI score0.00397EPSS
Exploits1References4
cnnvd
cnnvd
added 2025/10/02 12:0 a.m.6 views

WeGIA 安全漏洞

WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A security vulnerability exists in WeGIA 3.4.12 and earlier versions, which stems from incorrect manipulation of the parameter idpet in the file /pet/profilepet.php, which could lead to a SQL injection...

9.8CVSS7.3AI score0.00397EPSS
Exploits1References2
Rows per page
Query Builder