17 matches found
CVE-2026-33134
WeGIA is a web manager for charitable institutions. Versions 3.6.5 and below contain an authenticated SQL Injection vulnerability in the html/matPat/restaurarproduto.php endpoint. The vulnerability allows an authenticated attacker to inject arbitrary SQL commands via the idproduto GET parameter,...
CVE-2026-33134
WeGIA is a web manager for charitable institutions. Versions 3.6.5 and below contain an authenticated SQL Injection vulnerability in the html/matPat/restaurarproduto.php endpoint. The vulnerability allows an authenticated attacker to inject arbitrary SQL commands via the idproduto GET parameter,...
EUVD-2026-13678
WeGIA is a web manager for charitable institutions. Versions 3.6.5 and below contain an authenticated SQL Injection vulnerability in the html/matPat/restaurarproduto.php endpoint. The vulnerability allows an authenticated attacker to inject arbitrary SQL commands via the idproduto GET parameter,...
CVE-2026-33134 WeGIA has Authenticated Time-Based Blind SQL Injection in `restaurar_produto.php` via `id_produto` parameter
WeGIA is a web manager for charitable institutions. Versions 3.6.5 and below contain an authenticated SQL Injection vulnerability in the html/matPat/restaurarproduto.php endpoint. The vulnerability allows an authenticated attacker to inject arbitrary SQL commands via the idproduto GET parameter,...
CVE-2026-33134 WeGIA has Authenticated Time-Based Blind SQL Injection in `restaurar_produto.php` via `id_produto` parameter
WeGIA is a web manager for charitable institutions. Versions 3.6.5 and below contain an authenticated SQL Injection vulnerability in the html/matPat/restaurarproduto.php endpoint. The vulnerability allows an authenticated attacker to inject arbitrary SQL commands via the idproduto GET parameter,...
CVE-2026-33134
CVE-2026-33134 affects WeGIA web manager (versions 3.6.5 and earlier). The vulnerability is an authenticated SQL injection in the endpoint html/matPat/restaurar_produto.php, where the parameter id_produto is read from $_GET and directly interpolated into two SQL query strings without sanitization...
CVE-2026-33134 WeGIA has Authenticated Time-Based Blind SQL Injection in `restaurar_produto.php` via `id_produto` parameter
WeGIA is a web manager for charitable institutions. Versions 3.6.5 and below contain an authenticated SQL Injection vulnerability in the html/matPat/restaurarproduto.php endpoint. The vulnerability allows an authenticated attacker to inject arbitrary SQL commands via the idproduto GET parameter,...
PT-2026-26605
WeGIA is a web manager for charitable institutions. Versions 3.6.5 and below contain an authenticated SQL Injection vulnerability in the html/matPat/restaurar produto.php endpoint. The vulnerability allows an authenticated attacker to inject arbitrary SQL commands via the id produto GET parameter...
WeGIA 安全漏洞
WeGIA is a network manager for a welfare organization developed by Nilson Lazarin. Versions of WeGIA prior to 3.6.5 contained security vulnerabilities. These vulnerabilities stemmed from SQL injections in the html/matPat/restaurarProduto.php endpoint, which could lead to a complete database breac...
CVE-2026-31895 WeGIA has a SQL Injection via Direct Query Interpolation in restaurar_produto.php
WeGIA is a web manager for charitable institutions. Prior to version 3.6.6, WeGIA Web gerenciador para instituições assistenciais contains a SQL injection vulnerability in html/matPat/restaurarproduto.php. The idproduto parameter from $GET is directly interpolated into SQL queries without...
CVE-2026-31895
CVE-2026-31895 affects WeGIA (Web gerenciador para instituições assistenciais). Before version 3.6.6, the file html/matPat/restaurar_produto.php is vulnerable to SQL injection because the id_produto parameter from $_GET is directly interpolated into SQL queries without parameterization or sanitiz...
CVE-2026-31895 WeGIA has a SQL Injection via Direct Query Interpolation in restaurar_produto.php
WeGIA is a web manager for charitable institutions. Prior to version 3.6.6, WeGIA Web gerenciador para instituições assistenciais contains a SQL injection vulnerability in html/matPat/restaurarproduto.php. The idproduto parameter from $GET is directly interpolated into SQL queries without...
CVE-2026-31895
WeGIA is a web manager for charitable institutions. Prior to version 3.6.6, WeGIA Web gerenciador para instituições assistenciais contains a SQL injection vulnerability in html/matPat/restaurarproduto.php. The idproduto parameter from $GET is directly interpolated into SQL queries without...
CVE-2026-31895 WeGIA has a SQL Injection via Direct Query Interpolation in restaurar_produto.php
WeGIA is a web manager for charitable institutions. Prior to version 3.6.6, WeGIA Web gerenciador para instituições assistenciais contains a SQL injection vulnerability in html/matPat/restaurarproduto.php. The idproduto parameter from $GET is directly interpolated into SQL queries without...
WeGIA SQL注入漏洞
WeGIA is a web manager for the welfare organization developed by Nilson Lazarin. Versions of WeGIA prior to 3.6.6 contained an SQL injection vulnerability. This vulnerability stemmed from the id Produto parameter in the html/matPat/restaurarProduto.php file being directly concatenated into the SQ...
PT-2026-24797
WeGIA is a web manager for charitable institutions. Prior to version 3.6.6, WeGIA Web gerenciador para instituições assistenciais contains a SQL injection vulnerability in html/matPat/restaurar produto.php. The id produto parameter from $ GET is directly interpolated into SQL queries without...
WeGIA SQL注入漏洞
WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. WeGIA has an SQL injection vulnerability that originates from the restaurarprodutodesocultar.php page of the WeGIA application instance that contains an SQL injection vulnerability...