3 matches found
CVE-2024-57035
WeGIA v3.2.0 is vulnerable to SQL Injection via the nextPage parameter in /controle/control.php. The CVE records a high-severity issue (CVSS 3.1: 9.8) with network attack vector and no privileges/user interaction required. Remediation details are not provided in the supplied documents.
CVE-2024-53472
CVE-2024-53472 affects WeGIA v3.2.0, with a Cross-Site Request Forgery (CSRF) vulnerability. CVSS v3.1 base score 8.8 (HIGH); attack vector NETWORK, requiring user interaction, with confidentiality, integrity, and availability impacts all High. Root cause is CSRF in the web application; exploitat...
CVE-2024-53472
WeGIA v3.2.0 was discovered to contain a Cross-Site Request Forgery CSRF...