651 matches found
Reports About Cyberattacks Against Cisco Secure Email Gateway And Cisco Secure Email and Web Manager
On December 10, Cisco became aware of a new cyberattack campaign targeting a limited subset of appliances with certain ports open to the internet that are running Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager. This attack allows the threat actors to...
VulnCheck KEV: CVE-2025-20393
A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges. This vulnerability is due...
Cisco Secure Email和Cisco Secure Email and Web Manager 安全漏洞
Cisco Secure Email and Cisco Secure Email and Web Manager are both products of Cisco, Inc.Cisco Secure Email is Cisco Secure Email formerly Email Security provides optimal protection for your email from network threats.Cisco Secure Email and Web Manager is a secure email and web manager. A securi...
CVE-2025-67496
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Versions 3.5.4 and below contain a Stored Cross-Site Scripting XSS vulnerability in the /WeGIA/html/geral/configurarsenhas.php endpoint. The application does not sanitize user-controlled data before...
CVE-2025-67496 WeGia is Vulnerable to XSS through id_pessoa Parameter on Password Configuration Page
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Versions 3.5.4 and below contain a Stored Cross-Site Scripting XSS vulnerability in the /WeGIA/html/geral/configurarsenhas.php endpoint. The application does not sanitize user-controlled data before...
WeGIA 跨站脚本漏洞
WeGIA is a web manager for benefit organizations by Nilson Lazarin Individual Developer. A cross-site scripting vulnerability exists in WeGIA 3.5.4 and prior versions, which stems from improper user control data cleanup in the Employee Selection drop-down menu and could lead to a stored cross-sit...
CVE-2025-62597
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to version 3.5.1, a reflected cross-site scripting XSS vulnerability was identified in the editarinfopessoal.php endpoint of the WeGIA application. This vulnerability allows attackers to inject...
CVE-2025-62598
WeGIA is an open source Web Manager for Institutions. CVE-2025-62598 is a reflected XSS vulnerability in the editar_info_pessoal.php endpoint (GET /WeGIA/html/pessoa/editar_info_pessoal.php?action=1) that affects versions prior to 3.5.1. The issue arises from insufficient input sanitization in th...
CVE-2025-62177
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/dependentelistar.php endpoint, specifically in the idfuncionario parameter. This vulnerability allows attackers to...
CVE-2025-62359
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.0, a Reflected Cross-Site Scripting XSS vulnerability was identified in the /pet/profilepet.php?idpet= endpoint of the WeGIA application. This vulnerability allows attackers to inject...
CVE-2025-62360
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users.Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/dependentedocumento.php endpoint, specifically in the iddependente parameter. This vulnerability allows attackers to...
CVE-2025-62358
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, the log parameter in configuracaogeral.php is vulnerable to Reflected Cross-Site Scripting XSS. An attacker can inject arbitrary JavaScript, which executes in the victim’s browser. This...
CVE-2025-62177
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/dependentelistar.php endpoint, specifically in the idfuncionario parameter. This vulnerability allows attackers to...
EUVD-2025-34096
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, the log parameter in configuracaogeral.php is vulnerable to Reflected Cross-Site Scripting XSS. An attacker can inject arbitrary JavaScript, which executes in the victim’s browser. This...
EUVD-2025-34097
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/cadastrofuncionariopessoaexistente.php endpoint, specifically in the cpf parameter. This vulnerability allows...
EUVD-2025-34102
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a Reflected Cross-Site Scripting XSS vulnerability was identified in the /html/atendido/cadastroatendidoparentescopessoanova.php endpoint of the WeGIA application. This vulnerability...
CVE-2025-62178 WeGIA Cross-Site Scripting (XSS) Reflected endpoint '/html/atendido/cadastro_atendido_parentesco_pessoa_nova.php' parameter 'idatendido'
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a Reflected Cross-Site Scripting XSS vulnerability was identified in the /html/atendido/cadastroatendidoparentescopessoanova.php endpoint of the WeGIA application. This vulnerability...
CVE-2025-62178
WeGIA (open source Web Manager for Institutions) prior to version 3.5.1 is affected by a Reflected XSS in the endpoint /html/atendido/cadastro_atendido_parentesco_pessoa_nova.php, where the idatendido parameter can be exploited to inject scripts. The vulnerability, described across multiple sourc...
PT-2025-41821
Name of the Vulnerable Software and Affected Versions WeGIA versions prior to 3.5.1 Description WeGIA is a Web Manager for Institutions. A SQL Injection issue exists in the /html/funcionario/dependente documento.php API endpoint, specifically through the id dependente parameter. Successful...
PT-2025-41817
Name of the Vulnerable Software and Affected Versions WeGIA versions prior to 3.5.1 Description WeGIA is a Web Manager for Institutions. A SQL Injection issue exists in the /html/funcionario/cadastro funcionario pessoa existente.php API endpoint, specifically affecting the cpf parameter. Successf...