Unrated severityNVD Advisory· Published Oct 2, 2025· Updated Oct 3, 2025
WeGIA: Broken Access Control in `get_relatorios_socios.php` Endpoint
CVE-2025-61665
Description
WeGIA is an open source web manager with a focus on charitable institutions. Versions 3.4.12 and below contain a Broken Access Control vulnerability, identified in the get_relatorios_socios.php endpoint. This vulnerability allows unauthenticated attackers to directly access sensitive personal and financial information of members without requiring authentication or authorization. This issue is fixed in version 3.5.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: < 3.5.0
Patches
Vulnerability mechanics
References
2- github.com/LabRedesCefetRJ/WeGIA/commit/828f23a6a760a52b8bb8bfd583cc2b23c42da51emitrex_refsource_MISC
- github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-62wp-6qmh-6p5fmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.