14 matches found
CVE-2026-23724
CVE-2026-23724 affects the WeGIA web manager. A Stored Cross‑Site Scripting (XSS) vulnerability exists in the html/atendido/cadastro_ocorrencia.php endpoint where user-controlled data is rendered in the “Atendido” dropdown without sanitization. This could allow injection in Attendido_idatendido f...
CVE-2025-62178
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a Reflected Cross-Site Scripting XSS vulnerability was identified in the /html/atendido/cadastroatendidoparentescopessoanova.php endpoint of the WeGIA application. This vulnerability...
CVE-2025-62178
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a Reflected Cross-Site Scripting XSS vulnerability was identified in the /html/atendido/cadastroatendidoparentescopessoanova.php endpoint of the WeGIA application. This vulnerability...
CVE-2025-62178 WeGIA Cross-Site Scripting (XSS) Reflected endpoint '/html/atendido/cadastro_atendido_parentesco_pessoa_nova.php' parameter 'idatendido'
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a Reflected Cross-Site Scripting XSS vulnerability was identified in the /html/atendido/cadastroatendidoparentescopessoanova.php endpoint of the WeGIA application. This vulnerability...
EUVD-2025-34102
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a Reflected Cross-Site Scripting XSS vulnerability was identified in the /html/atendido/cadastroatendidoparentescopessoanova.php endpoint of the WeGIA application. This vulnerability...
CVE-2025-62178 WeGIA Cross-Site Scripting (XSS) Reflected endpoint '/html/atendido/cadastro_atendido_parentesco_pessoa_nova.php' parameter 'idatendido'
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a Reflected Cross-Site Scripting XSS vulnerability was identified in the /html/atendido/cadastroatendidoparentescopessoanova.php endpoint of the WeGIA application. This vulnerability...
CVE-2025-62178
WeGIA (open source Web Manager for Institutions) prior to version 3.5.1 is affected by a Reflected XSS in the endpoint /html/atendido/cadastro_atendido_parentesco_pessoa_nova.php, where the idatendido parameter can be exploited to inject scripts. The vulnerability, described across multiple sourc...
PT-2025-41816
Name of the Vulnerable Software and Affected Versions WeGIA versions prior to 3.5.1 Description WeGIA is a web management application for institutions. A Reflected Cross-Site Scripting XSS issue exists in the /html/atendido/cadastro atendido parentesco pessoa nova.php API endpoint. Attackers can...
WeGIA 跨站脚本漏洞
WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A cross-site scripting vulnerability exists in WeGIA versions prior to 3.5.1, which originates from an unvalidated entry of the idatendido parameter in the...
The vulnerability of the /html/atendido/Profile_Atendido.php script of the WeGIA web manager allows a perpetrator to disclose confidential information or cause service denial.
The vulnerability of the WeGIA web manager’s /html/atendido/ProfileAtendido.php script is related to the failure to protect the SQL query structure when processing the idatendido parameter. Exploiting this vulnerability can allow an attacker to disclose confidential information or cause service...
The vulnerability in the WeGIA web manager’s script /html/funcionario/dependente_editarInfoPessoal.php allows a perpetrator to disclose confidential information, increase their privileges, or execute arbitrary code.
The vulnerability of the WeGIA web manager’s script /html/funcionario/dependenteeditarInfoPessoal.php is related to the lack of protection for the SQL query structure during the processing of the parameter idatendidofamiliares. Exploiting this vulnerability can allow an attacker to disclose...
WeGIA SQL Injection Vulnerability
WeGIA is a web manager for welfare organizations. WeGIA suffers from an SQL injection vulnerability that originates from the unvalidated parameter idatendido in file /html/atendido/ProfileAtendido.php, which can be exploited by an attacker to execute illegal SQL commands to steal sensitive databa...
WeGIA SQL注入漏洞
WeGIA is a web manager for welfare organizations. WeGIA suffers from an SQL injection vulnerability that originates from the unvalidated parameter idatendido in file /html/atendido/ProfileAtendido.php, which can be exploited by an attacker to execute illegal SQL commands to steal sensitive databa...
WeGIA SQL注入漏洞
WeGIA is a web manager for welfare organizations. WeGIA suffers from an SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the /html/funcionario/dependenteeditarDoc.php endpoint idatendidofamiliares parameter. An attacker could exploit...