10 matches found
CVE-2026-23729
WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarDescricao and...
CVE-2026-23730 WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarTodos, nomeClasse=ProdutoControle)
WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos and nomeClasse=ProdutoControle...
CVE-2026-23730
WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos and nomeClasse=ProdutoControle...
CVE-2026-23730
CVE-2026-23730 describes an Open Redirect in WeGIA web manager before version 3.6.2. The flaw lies in /WeGIA/controle/control.php via the nextPage parameter when combined with metodo=listarTodos and nomeClasse=ProdutoControle, where nextPage is not validated or restricted. This enables attackers ...
CVE-2026-23729 WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarDescricao, nomeClasse=ProdutoControle)
WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarDescricao and...
CVE-2026-23729
WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarDescricao and...
CVE-2026-23729
WeGIA web manager (WeGIA) has an Open Redirect in /WeGIA/controle/control.php via the nextPage parameter when metodo=listarDescricao and nomeClasse=ProdutoControle. The issue allows redirecting users to external sites, enabling phishing, credential theft, malware distribution, and social engineer...
CVE-2025-59939
WeGIA (Web manager for charitable institutions) prior to version 3.5.0 is vulnerable to SQL Injection in the control.php endpoint via id_produto, where malicious command input through the id_produto parameter can exploit the site. The root cause is lack of proper sanitization and validation; the ...
CVE-2025-59939 WeGIA vulnerable to SQL Injection into method `excluir` of the `ProdutoControle` class in the parameter `id_produto`.
WeGIA is a Web manager for charitable institutions. Prior to version 3.5.0, WeGIA is vulnerable to SQL Injection attacks in the control.php endpoint with the following parameters: nomeClasse=ProdutoControle&metodo=excluir&idproduto=malicious command. It is necessary to apply prepared statements...
CVE-2025-59939 WeGIA vulnerable to SQL Injection into method `excluir` of the `ProdutoControle` class in the parameter `id_produto`.
WeGIA is a Web manager for charitable institutions. Prior to version 3.5.0, WeGIA is vulnerable to SQL Injection attacks in the control.php endpoint with the following parameters: nomeClasse=ProdutoControle&metodo=excluir&idproduto=malicious command. It is necessary to apply prepared statements...