15 matches found
EUVD-2025-6016
Malicious code in bioql PyPI...
EUVD-2025-5106
Malicious code in bioql PyPI...
CVE-2025-27419
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Denial of Service DoS vulnerability exists in WeGIA. This vulnerability allows any unauthenticated user to cause the server to become unresponsive by performing aggressive spidering. The vulnerabilit...
CVE-2025-27417
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Stored Cross-Site Scripting XSS vulnerability was identified in the adicionarstatusatendido.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into...
CVE-2025-27418 WeGIA contains a Stored Cross-Site Scripting (XSS) in 'adicionar_tipo_atendido.php' via the 'tipo' parameter
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Stored Cross-Site Scripting XSS vulnerability was identified in the adicionartipoatendido.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into t...
CVE-2025-26617
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, historicopaciente.php endpoint. This vulnerability could allow an attacker to execute arbitrary SQL queries, allowing unauthorized...
CVE-2025-26607
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, documentoexcluir.php endpoint. This vulnerability could allow an attacker to execute arbitrary SQL queries, allowing unauthorized...
CVE-2025-26608
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, dependentedocdependente.php endpoint. This vulnerability could allow an attacker to execute arbitrary SQL queries, allowing...
CVE-2025-26606 SQL Injection endpoint 'informacao_adicional.php' parameter 'id_descricao' in WeGIA
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, informacaoadicional.php endpoint. This vulnerability could allow an attacker to execute arbitrary SQL queries, allowing unauthoriz...
CVE-2025-26606
WeGIA is affected by a SQL Injection in the informacao_adicional.php endpoint (parameter id_descricao) that can allow arbitrary SQL execution and access to sensitive data. The issue is resolved in version 3.2.13; users should upgrade to that version. The records consistently describe a high-sever...
CVE-2025-26608
WeGIA (open source Web Manager) has a SQL Injection in the dependente_docdependente.php endpoint (affecting parameters like id_dependente and id_doc) that allows arbitrary SQL execution and unauthorized data access. Root cause: improper input handling leading to query manipulation. Impact: potent...
CVE-2025-26609
CVE-2025-26609 affects WeGIA, an open-source Web Manager for Institutions. A SQL Injection in the endpoint familiar_docfamiliar.php (e.g., parameters like id_dependente, id_doc) allows an attacker to execute arbitrary SQL queries, leading to unauthorized access to sensitive data. The issue is add...
CVE-2025-26611 SQL Injection endpoint 'remover_produto.php' parameter 'id_produto' in WeGIA
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, removerproduto.php endpoint. This vulnerability could allow an attacker to execute arbitrary SQL queries, allowing unauthorized...
CVE-2025-26611 SQL Injection endpoint 'remover_produto.php' parameter 'id_produto' in WeGIA
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, removerproduto.php endpoint. This vulnerability could allow an attacker to execute arbitrary SQL queries, allowing unauthorized...
CVE-2025-26612
WeGIA is affected by a SQL Injection in the adicionar_almoxarife.php endpoint. The vulnerability allows arbitrary SQL queries, potentially exposing sensitive data. The issue is addressed in version 3.2.13; upgrading is advised. Some sources also suggest temporary workarounds like restricting acce...