CVE-2025-62360

CVE-2025-62360 – WeGIA SQL Injection : An SQL injection flaw exists in WeGIA versions prior to 3.5.1 in the endpoint /html/funcionario/dependente_documento.php via the id_dependente parameter. The vulnerability permits attackers to execute arbitrary SQL commands, compromising database confidentia...

PT-2025-36523

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.11 Description: WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability exists in the /WeGIA/html/memorando/listar despachos.php endpoint, specifically in the id memorando parameter. This...

CVE-2025-24901

CVE-2025-24901 affects the WeGIA Web Manager for charitable institutions. A SQL Injection vulnerability exists in the deletar_permissao.php endpoint that could allow an authorized attacker to execute arbitrary SQL queries and access or delete sensitive information. The issue is addressed in versi...

CVE-2025-24905

CVE-2025-24905 : WeGIA Web Manager for charitable institutions contains a SQL injection in the get_codigobarras_cobranca.php endpoint (parameter likely codigo). An authorized attacker could execute arbitrary SQL queries, potentially accessing or deleting sensitive information. The issue is addres...

CVE-2025-24906 SQL Injection endpoint 'get_detalhes_cobranca.php' parameter 'codigo' in WeGIA

WeGIA is a Web Manager for Charitable Institutions. A SQL Injection vulnerability was discovered in the WeGIA application, getdetalhescobranca.php endpoint. This vulnerability could allow an authorized attacker to execute arbitrary SQL queries, allowing access to or deletion of sensitive...