Lucene search
K

3 matches found

BDU FSTEC
BDU FSTEC
added 2025/08/05 12:0 a.m.5 views

The vulnerability in the WeGIA web manager’s /html/funcionario/profile_dependente.php script allows a perpetrator to disclose confidential information, increase their privileges, or execute arbitrary code.

The vulnerability in the WeGIA web manager’s /html/funcionario/profiledependente.php script relates to the failure to protect the SQL query structure when processing the iddependente parameter. Exploiting this vulnerability can allow an attacker to disclose confidential information, enhance their...

9.9CVSS5.8AI score0.00458EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2025/07/17 2:33 p.m.8 views

CVE-2025-54062 WeGIA SQL Injection (Blind Time-Based) Vulnerability in id_dependente Parameter on profile_dependente.php Endpoint

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the /html/funcionario/profiledependente.php endpoint, specifically in the iddependente parameter. This vulnerability...

9.4CVSS0.00458EPSS
Exploits1References1
CVE
CVE
added 2025/07/17 2:33 p.m.27 views

CVE-2025-54062

Summary: CVE-2025-54062 affects WeGIA, an open source web manager. A SQL Injection flaw exists in versions prior to 3.4.6 in the /html/funcionario/profile_dependente.php endpoint, specifically in the id_dependente parameter. Root cause is lack of input validation for externally supplied SQL state...

9.4CVSS7.9AI score0.00458EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder