Lucene search
K

651 matches found

Cisco
Cisco
added 2025/12/17 4:0 p.m.15 views

Reports About Cyberattacks Against Cisco Secure Email Gateway And Cisco Secure Email and Web Manager

On December 10, Cisco became aware of a new cyberattack campaign targeting a limited subset of appliances with certain ports open to the internet that are running Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager. This attack allows the threat actors to...

10CVSS7.5AI score0.2906EPSS
Exploits2References1
VulnCheck KEV
VulnCheck KEV
added 2025/12/17 12:0 a.m.6 views

VulnCheck KEV: CVE-2025-20393

A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges. This vulnerability is due...

10CVSS6.1AI score0.2906EPSS
In wildExploits2References15
CNNVD
CNNVD
added 2025/12/17 12:0 a.m.7 views

Cisco Secure Email和Cisco Secure Email and Web Manager 安全漏洞

Cisco Secure Email and Cisco Secure Email and Web Manager are both products of Cisco, Inc.Cisco Secure Email is Cisco Secure Email formerly Email Security provides optimal protection for your email from network threats.Cisco Secure Email and Web Manager is a secure email and web manager. A securi...

10CVSS7.5AI score0.2906EPSS
Exploits2References3
NVD
NVD
added 2025/12/09 11:16 p.m.5 views

CVE-2025-67496

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Versions 3.5.4 and below contain a Stored Cross-Site Scripting XSS vulnerability in the /WeGIA/html/geral/configurarsenhas.php endpoint. The application does not sanitize user-controlled data before...

5.4CVSS0.00212EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/12/09 10:43 p.m.4 views

CVE-2025-67496 WeGia is Vulnerable to XSS through id_pessoa Parameter on Password Configuration Page

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Versions 3.5.4 and below contain a Stored Cross-Site Scripting XSS vulnerability in the /WeGIA/html/geral/configurarsenhas.php endpoint. The application does not sanitize user-controlled data before...

4.3CVSS4.8AI score0.00212EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/12/09 12:0 a.m.5 views

WeGIA 跨站脚本漏洞

WeGIA is a web manager for benefit organizations by Nilson Lazarin Individual Developer. A cross-site scripting vulnerability exists in WeGIA 3.5.4 and prior versions, which stems from improper user control data cleanup in the Employee Selection drop-down menu and could lead to a stored cross-sit...

5.4CVSS5.9AI score0.00212EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/10/22 5:18 p.m.5 views

CVE-2025-62597

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to version 3.5.1, a reflected cross-site scripting XSS vulnerability was identified in the editarinfopessoal.php endpoint of the WeGIA application. This vulnerability allows attackers to inject...

6.9CVSS5.9AI score0.00268EPSS
Exploits1References1
CVE
CVE
added 2025/10/21 4:34 p.m.11 views

CVE-2025-62598

WeGIA is an open source Web Manager for Institutions. CVE-2025-62598 is a reflected XSS vulnerability in the editar_info_pessoal.php endpoint (GET /WeGIA/html/pessoa/editar_info_pessoal.php?action=1) that affects versions prior to 3.5.1. The issue arises from insufficient input sanitization in th...

6.9CVSS5.4AI score0.0022EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2025/10/14 9:49 p.m.13 views

CVE-2025-62177

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/dependentelistar.php endpoint, specifically in the idfuncionario parameter. This vulnerability allows attackers to...

8.8CVSS8.2AI score0.0048EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/14 9:49 p.m.11 views

CVE-2025-62359

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.0, a Reflected Cross-Site Scripting XSS vulnerability was identified in the /pet/profilepet.php?idpet= endpoint of the WeGIA application. This vulnerability allows attackers to inject...

6.1CVSS5.8AI score0.00214EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/14 9:49 p.m.6 views

CVE-2025-62360

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users.Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/dependentedocumento.php endpoint, specifically in the iddependente parameter. This vulnerability allows attackers to...

9.4CVSS8.2AI score0.00821EPSS
Exploits3References1
NVD
NVD
added 2025/10/13 10:15 p.m.7 views

CVE-2025-62358

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, the log parameter in configuracaogeral.php is vulnerable to Reflected Cross-Site Scripting XSS. An attacker can inject arbitrary JavaScript, which executes in the victim’s browser. This...

6.1CVSS0.00234EPSS
Exploits1References2
NVD
NVD
added 2025/10/13 10:15 p.m.7 views

CVE-2025-62177

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/dependentelistar.php endpoint, specifically in the idfuncionario parameter. This vulnerability allows attackers to...

8.8CVSS0.0048EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/13 9:16 p.m.6 views

EUVD-2025-34096

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, the log parameter in configuracaogeral.php is vulnerable to Reflected Cross-Site Scripting XSS. An attacker can inject arbitrary JavaScript, which executes in the victim’s browser. This...

5.4CVSS5.8AI score0.00234EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/13 9:13 p.m.5 views

EUVD-2025-34097

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/cadastrofuncionariopessoaexistente.php endpoint, specifically in the cpf parameter. This vulnerability allows...

8.6CVSS7.7AI score0.0039EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/13 9:12 p.m.6 views

EUVD-2025-34102

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a Reflected Cross-Site Scripting XSS vulnerability was identified in the /html/atendido/cadastroatendidoparentescopessoanova.php endpoint of the WeGIA application. This vulnerability...

3.5CVSS5.3AI score0.00214EPSS
Exploits1References3
OSV
OSV
added 2025/10/13 9:12 p.m.5 views

CVE-2025-62178 WeGIA Cross-Site Scripting (XSS) Reflected endpoint '/html/atendido/cadastro_atendido_parentesco_pessoa_nova.php' parameter 'idatendido'

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a Reflected Cross-Site Scripting XSS vulnerability was identified in the /html/atendido/cadastroatendidoparentescopessoanova.php endpoint of the WeGIA application. This vulnerability...

3.5CVSS5.8AI score0.00214EPSS
Exploits1References5
CVE
CVE
added 2025/10/13 9:12 p.m.17 views

CVE-2025-62178

WeGIA (open source Web Manager for Institutions) prior to version 3.5.1 is affected by a Reflected XSS in the endpoint /html/atendido/cadastro_atendido_parentesco_pessoa_nova.php, where the idatendido parameter can be exploited to inject scripts. The vulnerability, described across multiple sourc...

5.4CVSS5.4AI score0.00214EPSS
Exploits1References3Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/13 12:0 a.m.4 views

PT-2025-41821

Name of the Vulnerable Software and Affected Versions WeGIA versions prior to 3.5.1 Description WeGIA is a Web Manager for Institutions. A SQL Injection issue exists in the /html/funcionario/dependente documento.php API endpoint, specifically through the id dependente parameter. Successful...

9.4CVSS7.9AI score0.00821EPSS
Exploits3References9
Positive Technologies
Positive Technologies
added 2025/10/13 12:0 a.m.7 views

PT-2025-41817

Name of the Vulnerable Software and Affected Versions WeGIA versions prior to 3.5.1 Description WeGIA is a Web Manager for Institutions. A SQL Injection issue exists in the /html/funcionario/cadastro funcionario pessoa existente.php API endpoint, specifically affecting the cpf parameter. Successf...

8.6CVSS8AI score0.0039EPSS
Exploits1References7
Rows per page
Query Builder