5 matches found
EUVD-2025-24465
Malicious code in bioql PyPI...
EUVD-2025-24453
Malicious code in bioql PyPI...
CVE-2025-55170
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a reflected cross-site scripting XSS vulnerability was identified in the /html/alterarsenha.php endpoint of the WeGIA application. This vulnerability allows attackers t...
CVE-2025-55168
CVE-2025-55168 affects WeGIA prior to 3.4.8, where a SQL injection exists in the GET endpoint /html/saude/aplicar_medicamento.php via the id_fichamedica parameter. This allows attackers to execute arbitrary SQL commands, risking confidentiality, integrity, and availability of the database. The is...
CVE-2025-55167
CVE-2025-55167 affects WeGIA prior to 3.4.8. A SQL Injection vulnerability exists in the endpoint /html/funcionario/dependente_remover.php, taking the id_dependente parameter, allowing an attacker to execute arbitrary SQL commands. Impact is described as compromising confidentiality, integrity, a...