2 matches found
CVE-2025-55169 WeGIA Path Traversal at endpoint 'html/socio/sistema/download_remessa.php' via parameter 'file'
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a path traversal vulnerability was discovered in the WeGIA application, html/socio/sistema/downloadremessa.php endpoint. This vulnerability could allow an attacker to...
CVE-2025-55169
WeGIA is vulnerable to a path traversal flaw in the html/socio/sistema/download_remessa.php endpoint prior to version 3.4.8 . The issue allows unauthorized access to local server files and exposes sensitive configuration data via config.php, which could reveal database credentials. The vulnerabil...