CVE-2026-23730

WeGIA is a web manager for charitable institutions. Prior to 3.6.2, an Open Redirect vulnerability was identified in the /WeGIA/controle/control.php endpoint of the WeGIA application, specifically through the nextPage parameter when combined with metodo=listarTodos and nomeClasse=ProdutoControle...

WeGIA 跨站脚本漏洞

WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A cross-site scripting vulnerability exists in WeGIA version 2.3.6, which stems from a stored cross-site scripting vulnerability contained in the situacao parameter of the adicionarsituacao.php page...

PT-2025-4584 · Wegia · Wegia

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.2.8 Description: A Reflected Cross-Site Scripting XSS issue was identified in the "modulos visiveis.php" endpoint of the WeGIA application, allowing attackers to inject malicious scripts in the msg c parameter...

PT-2025-4377 · Wegia · Wegia

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.2.8 Description: A SQL Injection vulnerability was identified in the "/dao/verificar recursos cargo.php" endpoint, specifically in the cargo parameter. This vulnerability allows attackers to execute arbitrary SQL...