28 matches found
EUVD-2025-5094
Malicious code in bioql PyPI...
EUVD-2024-53503
Malicious code in bioql PyPI...
CVE-2025-54062
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the /html/funcionario/profile_dependente.php endpoint, specifically in the id_dependente parameter. This vulnerability...
CVE-2025-54062 WeGIA SQL Injection (Blind Time-Based) Vulnerability in id_dependente Parameter on profile_dependente.php Endpoint
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the /html/funcionario/profile_dependente.php endpoint, specifically in the id_dependente parameter. This vulnerability...
CVE-2025-54061 WeGIA SQL Injection (Blind Time-Based) Vulnerability in idatendido_familiares Parameter on dependente_editarDoc.php Endpoint
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the idatendido_familiares parameter of the /html/funcionario/dependente_editarDoc.php endpoint. This vulnerability allo...
CVE-2025-53823
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Versions prior to 3.4.5 have a SQL Injection vulnerability in the endpoint /WeGIA/html/socio/sistema/processa_deletar_socio.php, in the id_socio parameter. This vulnerability allows the execution...
CVE-2025-53823 WeGIA vulnerable to SQL Injection (Blind Time-Based) in `processa_deletar_socio.php` parameter `id_socio`
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Versions prior to 3.4.5 have a SQL Injection vulnerability in the endpoint /WeGIA/html/socio/sistema/processa_deletar_socio.php, in the id_socio parameter. This vulnerability allows the execution...
CVE-2025-53091 WeGIA has Unauthenticated Time-Based Blind SQL Injection in almox Parameter
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Time-Based Blind SQL Injection vulnerability was discovered in version 3.3.3 in the almox parameter of the /controle/getProdutosPorAlmox.php endpoint. This issue allows any unauthenticated...
CVE-2024-57031
WeGIA 3.2.0 is vulnerable to SQL Injection in /funcionario/remuneracao.php via the idfuncionario parameter...
CVE-2025-30367
WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.2.6 in the nextPage parameter of the /WeGIA/controle/control.php endpoint. This vulnerability allows an attacker to manipulate SQL queries and access sensitive database information...
CVE-2025-30367 WeGIA SQL Injection Vulnerability in nextPage Parameter on control.php Endpoint
WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.2.6 in the nextPage parameter of the /WeGIA/controle/control.php endpoint. This vulnerability allows an attacker to manipulate SQL queries and access sensitive database information...
CVE-2025-30365 SQL Injection in query_geracao_auto.php
WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.2.8 in the endpoint /WeGIA/html/socio/sistema/controller/query_geracao_auto.php, specifically in the query parameter. This vulnerability allows the execution of arbitrary SQL...
CVE-2025-27096
CVE-2025-27096 affects WeGIA Web Manager for Institutions. A SQL Injection vulnerability exists in the personalizacao_upload.php endpoint that can allow an authorized attacker to run arbitrary SQL queries and access sensitive data. The issue is mitigated by upgrading to WeGIA 3.2.14; no public wo...
CVE-2025-26605 SQL Injection endpoint 'deletar_cargo.php' parameter 'id_cargo' in WeGIA
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, deletar_cargo.php endpoint. This vulnerability could allow an authorized attacker to execute arbitrary SQL queries, allowing access...
CVE-2025-26606
WeGIA is affected by a SQL Injection in the informacao_adicional.php endpoint (parameter id_descricao) that can allow arbitrary SQL execution and access to sensitive data. The issue is resolved in version 3.2.13; users should upgrade to that version. The records consistently describe a high-sever...
CVE-2025-26607
CVE-2025-26607 affects WeGIA, an open source Web Manager for Institutions. A SQL Injection vulnerability exists in the documento_excluir.php endpoint (id_funcionario parameter), enabling arbitrary SQL queries and unauthorized data access. The issue has been fixed in version 3.2.13; upgrade to tha...
CVE-2025-26609 SQL Injection endpoint 'familiar_docfamiliar.php' parameter 'id_dependente', 'id_doc' in WeGIA
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A SQL Injection vulnerability was discovered in the WeGIA application, familiar_docfamiliar.php endpoint. This vulnerability could allow an attacker to execute arbitrary SQL queries, allowing unauthoriz...
CVE-2025-24902
WeGIA is a Web Manager for Charitable Institutions. A SQL Injection vulnerability was discovered in the WeGIA application, salvarcargo.php endpoint. This vulnerability could allow an authorized attacker to execute arbitrary SQL queries, allowing access to or deletion of sensitive information. Thi...