43 matches found
📄 WeGIA 3.5.0 SQL Injection
Proof of concept remote SQL injection exploit for WeGIA versions 3.5.0 and below. Exploit Title: WeGIA 3.5.0 - SQL Injection Date: 2025-10-14 Exploit Author: Onur Demir OnurDemir-Dev Vendor Homepage: https://www.wegia.org Software Link: https://github.com/LabRedesCefetRJ/WeGIA/ Version: " echo...
EUVD-2024-53503
Malicious code in bioql PyPI...
EUVD-2025-5094
Malicious code in bioql PyPI...
CVE-2025-54062
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the /html/funcionario/profiledependente.php endpoint, specifically in the iddependente parameter. This vulnerability...
CVE-2025-54079 WeGIA vulnerable to SQL Injection (Blind Time-Based) in endpoint 'Profile_Atendido.php' parameter 'idatendido'
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the endpoint /html/atendido/ProfileAtendido.php, in the idatendido parameter. This vulnerability allow an authorized...
CVE-2025-54062
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the /html/funcionario/profiledependente.php endpoint, specifically in the iddependente parameter. This vulnerability...
CVE-2025-54062 WeGIA SQL Injection (Blind Time-Based) Vulnerability in id_dependente Parameter on profile_dependente.php Endpoint
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the /html/funcionario/profiledependente.php endpoint, specifically in the iddependente parameter. This vulnerability...
CVE-2025-54061 WeGIASQL Injection (Blind Time-Based) Vulnerability in idatendido_familiares Parameter on dependente_editarDoc.php Endpoint
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the idatendidofamiliares parameter of the /html/funcionario/dependenteeditarDoc.php endpoint. This vulnerability allo...
CVE-2025-54061 WeGIASQL Injection (Blind Time-Based) Vulnerability in idatendido_familiares Parameter on dependente_editarDoc.php Endpoint
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the idatendidofamiliares parameter of the /html/funcionario/dependenteeditarDoc.php endpoint. This vulnerability allo...
CVE-2025-54058 WeGIA SQL Injection (Blind Time-Based) Vulnerability in idatendido_familiares Parameter on dependente_editarEndereco.php Endpoint
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the idatendidofamiliares parameter of the /html/funcionario/dependenteeditarEndereco.php endpoint. This vulnerability...
PT-2025-29917 · Wegia · Wegia
Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.6 Description: WeGIA is an open source web manager. A SQL Injection vulnerability exists in the idatendido familiares parameter of the /html/funcionario/dependente editarDoc.php endpoint. This allows manipulation o...
CVE-2025-53823
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Versions prior to 3.4.5 have a SQL Injection vulnerability in the endpoint /WeGIA/html/socio/sistema/processadeletarsocio.php, in the idsocio parameter. This vulnerability allows the execution...
CVE-2025-53823
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Versions prior to 3.4.5 have a SQL Injection vulnerability in the endpoint /WeGIA/html/socio/sistema/processadeletarsocio.php, in the idsocio parameter. This vulnerability allows the execution...
CVE-2025-53823 WeGIA vulnerable to SQL Injection (Blind Time-Based) in `processa_deletar_socio.php` parameter `id_socio`
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Versions prior to 3.4.5 have a SQL Injection vulnerability in the endpoint /WeGIA/html/socio/sistema/processadeletarsocio.php, in the idsocio parameter. This vulnerability allows the execution...
CVE-2025-53529 WeGIA allows SQL Injection in html/funcionario/profile_funcionario.php (id_funcionario parameter)
WeGIA is a web manager for charitable institutions. An SQL Injection vulnerability was identified in the /html/funcionario/profilefuncionario.php endpoint. The idfuncionario parameter is not properly sanitized or validated before being used in a SQL query, allowing an unauthenticated attacker to...
CVE-2025-53091 WeGIA has Unauthenticated Time-Based Blind SQL Injection in almox Parameter
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Time-Based Blind SQL Injection vulnerability was discovered in version 3.3.3 the almox parameter of the /controle/getProdutosPorAlmox.php endpoint. This issue allows any unauthenticated...
CVE-2025-53091 WeGIA has Unauthenticated Time-Based Blind SQL Injection in almox Parameter
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Time-Based Blind SQL Injection vulnerability was discovered in version 3.3.3 the almox parameter of the /controle/getProdutosPorAlmox.php endpoint. This issue allows any unauthenticated...
CVE-2025-52474 WeGIA SQL Injection Vulnerability in id Parameter on control.php Endpoint
WeGIA is a web manager for charitable institutions. Prior to version 3.4.2, a SQL Injection vulnerability was identified in the id parameter of the /WeGIA/controle/control.php endpoint. This vulnerability allows attacker to manipulate SQL queries and access sensitive database information, such as...
CVE-2024-57031
WeGIA 3.2.0 is vulnerable to SQL Injection in /funcionario/remuneracao.php via the idfuncionario parameter...
CVE-2025-46828
WeGIA is a web manager for charitable institutions. An unauthenticated SQL Injection vulnerability was identified in versions up to and including 3.3.0 in the endpoint /html/socio/sistema/getsocios.php, specifically in the query parameter. This issue allows attackers to inject and execute arbitra...