
6 matches found

RedhatCVE
added 2026/01/09 8:47 a.m., 4 views

CVE-2025-23219

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the WeGIA application, specifically in the adicionarcor.php endpoint. This vulnerability allows attackers to execute arbitrary SQL commands in t...

10 CVSS, 8.4 AI score, 0.00483 EPSS
Exploits: 1, References: 1

Positive Technologies
added 2025/12/09 12:0 a.m., 1 views

PT-2025-50293

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Versions 3.5.4 and below contain an SQL Injection vulnerability in the /html/matPat/editar categoria.php endpoint. The application fails to properly validate and sanitize user inputs in the id categori...

9.4 CVSS, 7.9 AI score, 0.00052 EPSS
Exploits: 1, References: 4

Positive Technologies
added 2025/10/02 12:0 a.m., 3 views

PT-2025-40425

Name of the Vulnerable Software and Affected Versions: WeGIA versions 3.4.12 and below. Description: WeGIA, a web manager designed for charitable institutions, is susceptible to a Cross-Site Request Forgery (CSRF) issue. The deletion function for the Almoxarifado entity is accessible through an HTTP G...

7.1 CVSS, 6.7 AI score, 0.00025 EPSS
Exploits: 1, References: 7

CNNVD
added 2025/07/21 12:0 a.m., 1 views

Romm code issue vulnerability

Romm is an open source manager for read-only memory from The RomM Project. A code issue vulnerability exists in Romm 4.0.0-beta.3 and prior versions that stems from improper access control of the /api/saves endpoint, which could lead to arbitrary file writes and remote code execution...

9.4 CVSS, 7.9 AI score, 0.03071 EPSS
Exploits: 0, References: 2

NVD
added 2025/07/17 3:15 p.m., 4 views

CVE-2025-54062

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the /html/funcionario/profiledependente.php endpoint, specifically in the iddependente parameter. This vulnerability...

9.4 CVSS, 0.00184 EPSS
Exploits: 1, References: 1

Cvelist
added 2025/07/16 3:49 p.m., 6 views

CVE-2025-53930 WeGIA vulnerable to Stored Cross-Site Scripting (XSS) via endpoint 'adicionar_especie.php' parameter 'especie'

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the adicionar_especie.php endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inje...

6.4 CVSS, 0.00153 EPSS
Exploits: 1, References: 1