Wegia
by Wegia
Source repositories
CVEs (183)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-24957 | 0.00 | — | 0.01 | Feb 3, 2025 | WeGIA is a Web Manager for Charitable Institutions. A SQL Injection vulnerability was discovered in the WeGIA application, `get_detalhes_socio.php` endpoint. This vulnerability could allow an authorized attacker to execute arbitrary SQL queries, allowing access to or deletion… | |||
| CVE-2025-24958 | 0.00 | — | 0.01 | Feb 3, 2025 | WeGIA is a Web Manager for Charitable Institutions. A SQL Injection vulnerability was discovered in the WeGIA application, `salvar_tag.php` endpoint. This vulnerability could allow an authorized attacker to execute arbitrary SQL queries, allowing access to or deletion of… | |||
| CVE-2025-24020 | 0.00 | — | 0.00 | Jan 21, 2025 | WeGIA is a Web manager for charitable institutions. An Open Redirect vulnerability was identified in the `control.php` endpoint of versions up to and including 3.2.10 of the WeGIA application. The vulnerability allows the `nextPage` parameter to be manipulated, redirecting… | |||
| CVE-2025-23220 | 0.00 | — | 0.01 | Jan 20, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the WeGIA application, specifically in the adicionar_raca.php endpoint. This vulnerability allows attackers to execute… | |||
| CVE-2025-23219 | 0.00 | — | 0.01 | Jan 20, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the WeGIA application, specifically in the adicionar_cor.php endpoint. This vulnerability allows attackers to execute… | |||
| CVE-2025-23218 | 0.00 | — | 0.01 | Jan 20, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the WeGIA application, specifically in the adicionar_especie.php endpoint. This vulnerability allows attackers to execute… | |||
| CVE-2024-57035 | 0.00 | — | 0.01 | Jan 17, 2025 | WeGIA v3.2.0 is vulnerable to SQL Injection viathe nextPage parameter in /controle/control.php. | |||
| CVE-2024-57033 | 0.00 | — | 0.00 | Jan 17, 2025 | WeGIA < 3.2.0 is vulnerable to Cross Site Scripting (XSS) via the dados_addInfo parameter of documentos_funcionario.php. | |||
| CVE-2024-57030 | 0.00 | — | 0.01 | Jan 17, 2025 | Wegia < 3.2.0 is vulnerable to Cross Site Scripting (XSS) in /geral/documentos_funcionario.php via the id parameter. | |||
| CVE-2024-57032 | 0.00 | — | 0.01 | Jan 17, 2025 | WeGIA < 3.2.0 is vulnerable to Incorrect Access Control in controle/control.php. The application does not validate the value of the old password, so it is possible to change the password by placing any value in the senha_antiga field. | |||
| CVE-2024-57034 | 0.00 | — | 0.01 | Jan 17, 2025 | WeGIA < 3.2.0 is vulnerable to SQL Injection in query_geracao_auto.php via the query parameter. | |||
| CVE-2024-57031 | 0.00 | — | 0.01 | Jan 17, 2025 | WeGIA < 3.2.0 is vulnerable to SQL Injection in /funcionario/remuneracao.php via the id_funcionario parameter. | |||
| CVE-2025-23038 | 0.00 | — | 0.00 | Jan 13, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `remuneracao.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject… | |||
| CVE-2025-23030 | 0.00 | — | 0.00 | Jan 13, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `cadastro_funcionario.php` endpoint of the WeGIA application. This vulnerability allows attackers… | |||
| CVE-2025-23031 | 0.00 | — | 0.00 | Jan 13, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_alergia.php` endpoint of the WeGIA application. This vulnerability allows attackers to… | |||
| CVE-2025-23032 | 0.00 | — | 0.00 | Jan 13, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_escala.php` endpoint of the WeGIA application. This vulnerability allows attackers to… | |||
| CVE-2025-23033 | 0.00 | — | 0.00 | Jan 13, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_situacao.php` endpoint of the WeGIA application. This vulnerability allows attackers to… | |||
| CVE-2025-23034 | 0.00 | — | 0.00 | Jan 13, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `tags.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject… | |||
| CVE-2025-23035 | 0.00 | — | 0.00 | Jan 13, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_tipo_quadro_horario.php` endpoint of the WeGIA application. This vulnerability allows… | |||
| CVE-2025-23036 | 0.00 | — | 0.00 | Jan 13, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `pre_cadastro_funcionario.php` endpoint of the WeGIA application. This vulnerability allows… |
- CVE-2025-24957Feb 3, 2025risk 0.00cvss —epss 0.01
WeGIA is a Web Manager for Charitable Institutions. A SQL Injection vulnerability was discovered in the WeGIA application, `get_detalhes_socio.php` endpoint. This vulnerability could allow an authorized attacker to execute arbitrary SQL queries, allowing access to or deletion…
- CVE-2025-24958Feb 3, 2025risk 0.00cvss —epss 0.01
WeGIA is a Web Manager for Charitable Institutions. A SQL Injection vulnerability was discovered in the WeGIA application, `salvar_tag.php` endpoint. This vulnerability could allow an authorized attacker to execute arbitrary SQL queries, allowing access to or deletion of…
- CVE-2025-24020Jan 21, 2025risk 0.00cvss —epss 0.00
WeGIA is a Web manager for charitable institutions. An Open Redirect vulnerability was identified in the `control.php` endpoint of versions up to and including 3.2.10 of the WeGIA application. The vulnerability allows the `nextPage` parameter to be manipulated, redirecting…
- CVE-2025-23220Jan 20, 2025risk 0.00cvss —epss 0.01
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the WeGIA application, specifically in the adicionar_raca.php endpoint. This vulnerability allows attackers to execute…
- CVE-2025-23219Jan 20, 2025risk 0.00cvss —epss 0.01
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the WeGIA application, specifically in the adicionar_cor.php endpoint. This vulnerability allows attackers to execute…
- CVE-2025-23218Jan 20, 2025risk 0.00cvss —epss 0.01
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the WeGIA application, specifically in the adicionar_especie.php endpoint. This vulnerability allows attackers to execute…
- CVE-2024-57035Jan 17, 2025risk 0.00cvss —epss 0.01
WeGIA v3.2.0 is vulnerable to SQL Injection viathe nextPage parameter in /controle/control.php.
- CVE-2024-57033Jan 17, 2025risk 0.00cvss —epss 0.00
WeGIA < 3.2.0 is vulnerable to Cross Site Scripting (XSS) via the dados_addInfo parameter of documentos_funcionario.php.
- CVE-2024-57030Jan 17, 2025risk 0.00cvss —epss 0.01
Wegia < 3.2.0 is vulnerable to Cross Site Scripting (XSS) in /geral/documentos_funcionario.php via the id parameter.
- CVE-2024-57032Jan 17, 2025risk 0.00cvss —epss 0.01
WeGIA < 3.2.0 is vulnerable to Incorrect Access Control in controle/control.php. The application does not validate the value of the old password, so it is possible to change the password by placing any value in the senha_antiga field.
- CVE-2024-57034Jan 17, 2025risk 0.00cvss —epss 0.01
WeGIA < 3.2.0 is vulnerable to SQL Injection in query_geracao_auto.php via the query parameter.
- CVE-2024-57031Jan 17, 2025risk 0.00cvss —epss 0.01
WeGIA < 3.2.0 is vulnerable to SQL Injection in /funcionario/remuneracao.php via the id_funcionario parameter.
- CVE-2025-23038Jan 13, 2025risk 0.00cvss —epss 0.00
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `remuneracao.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject…
- CVE-2025-23030Jan 13, 2025risk 0.00cvss —epss 0.00
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `cadastro_funcionario.php` endpoint of the WeGIA application. This vulnerability allows attackers…
- CVE-2025-23031Jan 13, 2025risk 0.00cvss —epss 0.00
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_alergia.php` endpoint of the WeGIA application. This vulnerability allows attackers to…
- CVE-2025-23032Jan 13, 2025risk 0.00cvss —epss 0.00
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_escala.php` endpoint of the WeGIA application. This vulnerability allows attackers to…
- CVE-2025-23033Jan 13, 2025risk 0.00cvss —epss 0.00
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_situacao.php` endpoint of the WeGIA application. This vulnerability allows attackers to…
- CVE-2025-23034Jan 13, 2025risk 0.00cvss —epss 0.00
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `tags.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject…
- CVE-2025-23035Jan 13, 2025risk 0.00cvss —epss 0.00
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_tipo_quadro_horario.php` endpoint of the WeGIA application. This vulnerability allows…
- CVE-2025-23036Jan 13, 2025risk 0.00cvss —epss 0.00
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `pre_cadastro_funcionario.php` endpoint of the WeGIA application. This vulnerability allows…
Page 8 of 10