16 matches found
EUVD-2025-25464
Malicious code in bioql PyPI...
EUVD-2025-24453
Malicious code in bioql PyPI...
CVE-2025-57761 WeGIA SQL Injection vulnerability via 'id_funcionario' param at endpoint `/html/funcionario/dependente_remover.php`
WeGIA is a Web manager for charitable institutions. Prior to 3.4.10, there is a SQL Injection vulnerability in the /html/funcionario/dependenteremover.php endpoint, specifically in the idfuncionario parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the...
CVE-2025-57761 WeGIA SQL Injection vulnerability via 'id_funcionario' param at endpoint `/html/funcionario/dependente_remover.php`
WeGIA is a Web manager for charitable institutions. Prior to 3.4.10, there is a SQL Injection vulnerability in the /html/funcionario/dependenteremover.php endpoint, specifically in the idfuncionario parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the...
CVE-2025-57761 WeGIA SQL Injection vulnerability via 'id_funcionario' param at endpoint `/html/funcionario/dependente_remover.php`
WeGIA is a Web manager for charitable institutions. Prior to 3.4.10, there is a SQL Injection vulnerability in the /html/funcionario/dependenteremover.php endpoint, specifically in the idfuncionario parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the...
CVE-2025-57761
WeGIA is vulnerable to a SQL Injection in the endpoint /html/funcionario/dependente_remover.php, via the id_funcionario parameter, in versions prior to 3.4.10. The flaw allows attackers to execute arbitrary SQL commands, compromising database confidentiality, integrity, and availability. The issu...
CVE-2025-55167
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a SQL Injection vulnerability was identified in the /html/funcionario/dependenteremover.php endpoint, specifically in the iddependente parameter. This vulnerability...
CVE-2025-55171
CVE-2025-55171 (WeGIA) affects WeGIA prior to version 3.4.8. The vulnerability arises from missing authentication checks at the endpoint /html/personalizacao_remover.php, allowing an anonymous attacker to delete image files by supplying an image id via the imagem_0 parameter. This leads to arbitr...
CVE-2025-55171 WeGIA Anonymous Attacker can Delete Arbitrary Image file at endpoint `/html/personalizacao_remover.php`
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, the application does not check authentication at endpoint /html/personalizacaoremover.php allowing anonymous attacker without login to delete any Image files at endpoin...
CVE-2025-55167
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a SQL Injection vulnerability was identified in the /html/funcionario/dependenteremover.php endpoint, specifically in the iddependente parameter. This vulnerability...
CVE-2025-55167 WeGIA SQL Injection via id_fichamedica at endpoint `GET/html/funcionario/dependente_remover.php`
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a SQL Injection vulnerability was identified in the /html/funcionario/dependenteremover.php endpoint, specifically in the iddependente parameter. This vulnerability...
CVE-2025-55167 WeGIA SQL Injection via id_fichamedica at endpoint `GET/html/funcionario/dependente_remover.php`
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a SQL Injection vulnerability was identified in the /html/funcionario/dependenteremover.php endpoint, specifically in the iddependente parameter. This vulnerability...
CVE-2025-55167 WeGIA SQL Injection via id_fichamedica at endpoint `GET/html/funcionario/dependente_remover.php`
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a SQL Injection vulnerability was identified in the /html/funcionario/dependenteremover.php endpoint, specifically in the iddependente parameter. This vulnerability...
PT-2025-32690 · Wegia · Wegia
Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.8 Description: WeGIA is an open-source web manager designed for the Portuguese language and charitable institutions. A SQL Injection vulnerability exists in the /html/funcionario/dependente remover.php API endpoint...
WeGIA SQL注入漏洞
WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A SQL injection vulnerability exists in WeGIA versions prior to 3.4.8, which stems from a SQL injection in the /html/funcionario/dependenteremover.php endpoint iddependente parameter, which could lead to ...
WeGIA 授权问题漏洞
WeGIA is a web manager for welfare organizations by Nilson Lazarin Personal Developer. An authorization issue vulnerability exists in WeGIA versions prior to 3.4.8, which stems from a lack of authentication in the /html/personalizacaoremover.php endpoint, which could result in the deletion of...