Lucene search
K

15 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-6016

Malicious code in bioql PyPI...

6.4CVSS6.6AI score0.00271EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-5106

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.0052EPSS
Exploits1References1
NVD
NVD
added 2025/03/03 4:15 p.m.12 views

CVE-2025-27419

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Denial of Service DoS vulnerability exists in WeGIA. This vulnerability allows any unauthenticated user to cause the server to become unresponsive by performing aggressive spidering. The vulnerabilit...

9.2CVSS0.0053EPSS
Exploits1References2
NVD
NVD
added 2025/03/03 4:15 p.m.16 views

CVE-2025-27417

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Stored Cross-Site Scripting XSS vulnerability was identified in the adicionarstatusatendido.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into...

6.4CVSS0.00271EPSS
Exploits1References2
OSV
OSV
added 2025/03/03 4:3 p.m.13 views

CVE-2025-27418 WeGIA contains a Stored Cross-Site Scripting (XSS) in 'adicionar_tipo_atendido.php' via the 'tipo' parameter

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Stored Cross-Site Scripting XSS vulnerability was identified in the adicionartipoatendido.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into t...

6.4CVSS5.2AI score0.00253EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/02/20 10:25 p.m.9 views

CVE-2025-26617

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, historicopaciente.php endpoint. This vulnerability could allow an attacker to execute arbitrary SQL queries, allowing unauthorized...

10CVSS8.2AI score0.00542EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/20 10:24 p.m.12 views

CVE-2025-26607

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, documentoexcluir.php endpoint. This vulnerability could allow an attacker to execute arbitrary SQL queries, allowing unauthorized...

10CVSS8.2AI score0.00542EPSS
Exploits1References1
NVD
NVD
added 2025/02/18 9:15 p.m.30 views

CVE-2025-26608

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, dependentedocdependente.php endpoint. This vulnerability could allow an attacker to execute arbitrary SQL queries, allowing...

10CVSS0.00542EPSS
Exploits1References1
OSV
OSV
added 2025/02/18 8:37 p.m.10 views

CVE-2025-26606 SQL Injection endpoint 'informacao_adicional.php' parameter 'id_descricao' in WeGIA

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, informacaoadicional.php endpoint. This vulnerability could allow an attacker to execute arbitrary SQL queries, allowing unauthoriz...

10CVSS8.1AI score0.00542EPSS
Exploits1References3
CVE
CVE
added 2025/02/18 8:37 p.m.65 views

CVE-2025-26606

WeGIA is affected by a SQL Injection in the informacao_adicional.php endpoint (parameter id_descricao) that can allow arbitrary SQL execution and access to sensitive data. The issue is resolved in version 3.2.13; users should upgrade to that version. The records consistently describe a high-sever...

10CVSS8.3AI score0.00542EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2025/02/18 8:36 p.m.59 views

CVE-2025-26608

WeGIA (open source Web Manager) has a SQL Injection in the dependente_docdependente.php endpoint (affecting parameters like id_dependente and id_doc) that allows arbitrary SQL execution and unauthorized data access. Root cause: improper input handling leading to query manipulation. Impact: potent...

10CVSS8.3AI score0.00542EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2025/02/18 8:36 p.m.73 views

CVE-2025-26609

CVE-2025-26609 affects WeGIA, an open-source Web Manager for Institutions. A SQL Injection in the endpoint familiar_docfamiliar.php (e.g., parameters like id_dependente, id_doc) allows an attacker to execute arbitrary SQL queries, leading to unauthorized access to sensitive data. The issue is add...

10CVSS8.3AI score0.00542EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2025/02/18 8:34 p.m.8 views

CVE-2025-26611 SQL Injection endpoint 'remover_produto.php' parameter 'id_produto' in WeGIA

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, removerproduto.php endpoint. This vulnerability could allow an attacker to execute arbitrary SQL queries, allowing unauthorized...

10CVSS8.1AI score0.00531EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/02/18 8:34 p.m.9 views

CVE-2025-26611 SQL Injection endpoint 'remover_produto.php' parameter 'id_produto' in WeGIA

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, removerproduto.php endpoint. This vulnerability could allow an attacker to execute arbitrary SQL queries, allowing unauthorized...

10CVSS8.3AI score0.00531EPSS
Exploits1References1
CVE
CVE
added 2025/02/18 8:34 p.m.69 views

CVE-2025-26612

WeGIA is affected by a SQL Injection in the adicionar_almoxarife.php endpoint. The vulnerability allows arbitrary SQL queries, potentially exposing sensitive data. The issue is addressed in version 3.2.13; upgrading is advised. Some sources also suggest temporary workarounds like restricting acce...

10CVSS8.3AI score0.00523EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder