EUVD-2025-2871

Malicious code in bioql PyPI...

EUVD-2025-2874

Malicious code in bioql PyPI...

CVE-2025-53824

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the editarpermissoes.php endpoint of the WeGIA application prior to version 3.4.4. This vulnerability allows attackers to...

CVE-2025-22619 WeGIA Cross-Site Scripting (XSS) Reflected endpoint 'editar_permissoes.php' parameter 'msg_c'

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the editarpermissoes.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts...

CVE-2025-22599

The CVE-2025-22599 issue affects the WeGIA web manager (WeGIA) and relates to a Reflected Cross-Site Scripting (XSS) vulnerability in the home.php endpoint via the msg_c parameter. The root cause is a reflected XSS flaw that allows injection of malicious scripts. Affected versions are prior to 3....

CVE-2025-22599 WeGIA has a Cross-Site Scripting (XSS) Reflected endpoint `home.php` parameter `msg_c`

WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the home.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msgc parameter. This vulnerability is fixed in 3.2.8...

CVE-2025-22599 WeGIA has a Cross-Site Scripting (XSS) Reflected endpoint `home.php` parameter `msg_c`

WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the home.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msgc parameter. This vulnerability is fixed in 3.2.8...

CVE-2025-22596 WeGIA has a Cross-Site Scripting (XSS) Reflected endpoint 'modulos_visiveis.php' parameter'msg_c'

WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the modulosvisiveis.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msgc parameter. This vulnerability is fixed in...

CVE-2025-22596

CVE-2025-22596 describes a Reflected Cross-Site Scripting (XSS) in WeGIA, a web manager for charitable institutions. The vulnerability exists in the modulos_visiveis.php endpoint, allowing injection via the msg_c parameter. Multiple sources confirm the fix in version 3.2.8. Impact details are lim...

WeGIA 跨站脚本漏洞

WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A cross-site scripting vulnerability exists in WeGIA versions prior to 3.2.8, which stems from the presence of a Reflective Cross-Site Scripting XSS vulnerability that allows an attacker to inject malicio...

CVE-2025-22139

WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the configuracaogeral.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msgc parameter. This vulnerability is fixed ...

CVE-2025-22139 WeGIA Cross-Site Scripting (XSS) Reflected endpoint `configuracao_geral.php` parameter `msg`

WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the configuracaogeral.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msgc parameter. This vulnerability is fixed ...