10 matches found
CVE-2026-33135
WeGIA is a web manager for charitable institutions. Versions 3.6.6 and below have a Reflected Cross-Site Scripting XSS vulnerability in the novomemorandoo.php endpoint. An attacker can inject arbitrary JavaScript into the sccs GET parameter, which is directly echoed into the HTML response without...
CVE-2026-33135
WeGIA is a web manager for charitable institutions. Versions 3.6.6 and below have a Reflected Cross-Site Scripting XSS vulnerability in the novomemorandoo.php endpoint. An attacker can inject arbitrary JavaScript into the sccs GET parameter, which is directly echoed into the HTML response without...
CVE-2026-33135 WeGIA has Reflected Cross-Site Scripting (XSS) in `novo_memorandoo.php` via `sccs` parameter
WeGIA is a web manager for charitable institutions. Versions 3.6.6 and below have a Reflected Cross-Site Scripting XSS vulnerability in the novomemorandoo.php endpoint. An attacker can inject arbitrary JavaScript into the sccs GET parameter, which is directly echoed into the HTML response without...
EUVD-2026-13680
WeGIA is a web manager for charitable institutions. Versions 3.6.6 and below have a Reflected Cross-Site Scripting XSS vulnerability in the novomemorandoo.php endpoint. An attacker can inject arbitrary JavaScript into the sccs GET parameter, which is directly echoed into the HTML response without...
CVE-2026-33135
WeGIA is a web manager for charitable institutions. Versions 3.6.6 and below have a Reflected Cross-Site Scripting XSS vulnerability in the novomemorandoo.php endpoint. An attacker can inject arbitrary JavaScript into the sccs GET parameter, which is directly echoed into the HTML response without...
CVE-2026-33135
WeGIA is a web manager for charitable institutions. Affected versions: 3.6.6 and earlier. The issue is a Reflected Cross‑Site Scripting (XSS) in the endpoint /html/memorando/novo_memorandoo.php, where the GET parameter sccs is echoed into the HTML response without sanitization when msg equals 'su...
CVE-2026-33135 WeGIA has Reflected Cross-Site Scripting (XSS) in `novo_memorandoo.php` via `sccs` parameter
WeGIA is a web manager for charitable institutions. Versions 3.6.6 and below have a Reflected Cross-Site Scripting XSS vulnerability in the novomemorandoo.php endpoint. An attacker can inject arbitrary JavaScript into the sccs GET parameter, which is directly echoed into the HTML response without...
PT-2026-26606
WeGIA is a web manager for charitable institutions. Versions 3.6.6 and below have a Reflected Cross-Site Scripting XSS vulnerability in the novo memorandoo.php endpoint. An attacker can inject arbitrary JavaScript into the sccs GET parameter, which is directly echoed into the HTML response withou...
CVE-2025-57763 Cross-Site Scripting (XSS) Reflected in 'insere_despacho.php' parameter 'sccs'
WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, there is a Reflected Cross-Site Scripting XSS vulnerability in the inseredespacho.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the cpf sccs. This vulnerability is fixed...
WeGIA 安全漏洞
WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A security vulnerability exists in WeGIA versions prior to 3.4.7, which stems from the presence of reflective cross-site scripting in the cpf sccs parameter in the inseredespacho.php endpoint, which could...