CVE-2025-27140 WeGIA vulnerable to OS Command Injection at endpoint 'importar_dump.php' parameter 'import' (RCE)
WeGIA is a Web manager for charitable institutions. An OS Command Injection vulnerability was discovered in versions prior to 3.2.15 of the WeGIA application, importardump.php endpoint. This vulnerability could allow an attacker to execute arbitrary code remotely. The command is basically a comma...