VYPR

Wegia

by Wegia

Source repositories

CVEs (183)

  • CVE-2025-24957Feb 3, 2025
    risk 0.00cvss epss 0.01

    WeGIA is a Web Manager for Charitable Institutions. A SQL Injection vulnerability was discovered in the WeGIA application, `get_detalhes_socio.php` endpoint. This vulnerability could allow an authorized attacker to execute arbitrary SQL queries, allowing access to or deletion…

  • CVE-2025-24958Feb 3, 2025
    risk 0.00cvss epss 0.01

    WeGIA is a Web Manager for Charitable Institutions. A SQL Injection vulnerability was discovered in the WeGIA application, `salvar_tag.php` endpoint. This vulnerability could allow an authorized attacker to execute arbitrary SQL queries, allowing access to or deletion of…

  • CVE-2025-24020Jan 21, 2025
    risk 0.00cvss epss 0.00

    WeGIA is a Web manager for charitable institutions. An Open Redirect vulnerability was identified in the `control.php` endpoint of versions up to and including 3.2.10 of the WeGIA application. The vulnerability allows the `nextPage` parameter to be manipulated, redirecting…

  • CVE-2025-23220Jan 20, 2025
    risk 0.00cvss epss 0.01

    WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the WeGIA application, specifically in the adicionar_raca.php endpoint. This vulnerability allows attackers to execute…

  • CVE-2025-23219Jan 20, 2025
    risk 0.00cvss epss 0.01

    WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the WeGIA application, specifically in the adicionar_cor.php endpoint. This vulnerability allows attackers to execute…

  • CVE-2025-23218Jan 20, 2025
    risk 0.00cvss epss 0.01

    WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the WeGIA application, specifically in the adicionar_especie.php endpoint. This vulnerability allows attackers to execute…

  • CVE-2024-57035Jan 17, 2025
    risk 0.00cvss epss 0.01

    WeGIA v3.2.0 is vulnerable to SQL Injection viathe nextPage parameter in /controle/control.php.

  • CVE-2024-57033Jan 17, 2025
    risk 0.00cvss epss 0.00

    WeGIA < 3.2.0 is vulnerable to Cross Site Scripting (XSS) via the dados_addInfo parameter of documentos_funcionario.php.

  • CVE-2024-57030Jan 17, 2025
    risk 0.00cvss epss 0.01

    Wegia < 3.2.0 is vulnerable to Cross Site Scripting (XSS) in /geral/documentos_funcionario.php via the id parameter.

  • CVE-2024-57032Jan 17, 2025
    risk 0.00cvss epss 0.01

    WeGIA < 3.2.0 is vulnerable to Incorrect Access Control in controle/control.php. The application does not validate the value of the old password, so it is possible to change the password by placing any value in the senha_antiga field.

  • CVE-2024-57034Jan 17, 2025
    risk 0.00cvss epss 0.01

    WeGIA < 3.2.0 is vulnerable to SQL Injection in query_geracao_auto.php via the query parameter.

  • CVE-2024-57031Jan 17, 2025
    risk 0.00cvss epss 0.01

    WeGIA < 3.2.0 is vulnerable to SQL Injection in /funcionario/remuneracao.php via the id_funcionario parameter.

  • CVE-2025-23038Jan 13, 2025
    risk 0.00cvss epss 0.00

    WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `remuneracao.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject…

  • CVE-2025-23030Jan 13, 2025
    risk 0.00cvss epss 0.00

    WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `cadastro_funcionario.php` endpoint of the WeGIA application. This vulnerability allows attackers…

  • CVE-2025-23031Jan 13, 2025
    risk 0.00cvss epss 0.00

    WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_alergia.php` endpoint of the WeGIA application. This vulnerability allows attackers to…

  • CVE-2025-23032Jan 13, 2025
    risk 0.00cvss epss 0.00

    WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_escala.php` endpoint of the WeGIA application. This vulnerability allows attackers to…

  • CVE-2025-23033Jan 13, 2025
    risk 0.00cvss epss 0.00

    WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_situacao.php` endpoint of the WeGIA application. This vulnerability allows attackers to…

  • CVE-2025-23034Jan 13, 2025
    risk 0.00cvss epss 0.00

    WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `tags.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject…

  • CVE-2025-23035Jan 13, 2025
    risk 0.00cvss epss 0.00

    WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_tipo_quadro_horario.php` endpoint of the WeGIA application. This vulnerability allows…

  • CVE-2025-23036Jan 13, 2025
    risk 0.00cvss epss 0.00

    WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `pre_cadastro_funcionario.php` endpoint of the WeGIA application. This vulnerability allows…

Page 8 of 10