VYPR

Wegia

by Wegia

Source repositories

CVEs (183)

  • CVE-2025-23037Jan 13, 2025
    risk 0.00cvss epss 0.00

    WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `control.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject…

  • CVE-2025-22613Jan 13, 2025
    risk 0.00cvss epss 0.00

    WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `informacao_adicional.php` endpoint of the WeGIA application. This vulnerability allows attackers to…

  • CVE-2025-22614Jan 13, 2025
    risk 0.00cvss epss 0.00

    WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `dependente_editarInfoPessoal.php` endpoint of the WeGIA application. This vulnerability allows…

  • CVE-2025-22615Jan 13, 2025
    risk 0.00cvss epss 0.00

    WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `Cadastro_Atendido.php` endpoint of the WeGIA application. This vulnerability allows attackers to…

  • CVE-2025-22616Jan 13, 2025
    risk 0.00cvss epss 0.00

    WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `dependente_parentesco_adicionar.php` endpoint of the WeGIA application. This vulnerability allows…

  • CVE-2025-22617Jan 13, 2025
    risk 0.00cvss epss 0.00

    WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `editar_socio.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject…

  • CVE-2025-22618Jan 13, 2025
    risk 0.00cvss epss 0.00

    WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_cargo.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject…

  • CVE-2025-22619Jan 13, 2025
    risk 0.00cvss epss 0.00

    WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `editar_permissoes.php` endpoint of the WeGIA application. This vulnerability allows attackers to…

  • CVE-2025-22600Jan 10, 2025
    risk 0.00cvss epss 0.00

    WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the configuracao_doacao.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the avulso parameter. This…

  • CVE-2025-22599Jan 10, 2025
    risk 0.00cvss epss 0.00

    WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the home.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msg_c parameter. This vulnerability…

  • CVE-2025-22598Jan 10, 2025
    risk 0.00cvss epss 0.00

    WeGIA is a web manager for charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the cadastrarSocio.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the local_recepcao parameter.…

  • CVE-2025-22597Jan 10, 2025
    risk 0.00cvss epss 0.00

    WeGIA is a web manager for charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the CobrancaController.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the local_recepcao…

  • CVE-2025-22596Jan 10, 2025
    risk 0.00cvss epss 0.00

    WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the modulos_visiveis.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msg_c parameter. This…

  • CVE-2025-22143Jan 8, 2025
    risk 0.00cvss epss 0.00

    WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the listar_permissoes.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msg_e parameter. This…

  • CVE-2025-22141Jan 8, 2025
    risk 0.00cvss epss 0.01

    WeGIA is a web manager for charitable institutions. A SQL Injection vulnerability was identified in the /dao/verificar_recursos_cargo.php endpoint, specifically in the cargo parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the…

  • CVE-2025-22139Jan 8, 2025
    risk 0.00cvss epss 0.00

    WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the configuracao_geral.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msg_c parameter. This…

  • CVE-2025-22140Jan 8, 2025
    risk 0.00cvss epss 0.01

    WeGIA is a web manager for charitable institutions. A SQL Injection vulnerability was identified in the /html/funcionario/dependente_listar_um.php endpoint, specifically in the id_dependente parameter. This vulnerability allows attackers to execute arbitrary SQL commands,…

  • CVE-2025-22133Jan 7, 2025
    risk 0.00cvss epss 0.01

    WeGIA is a web manager for charitable institutions. Prior to 3.2.8, a critical vulnerability was identified in the /WeGIA/html/socio/sistema/controller/controla_xlsx.php endpoint. The endpoint accepts file uploads without proper validation, allowing the upload of malicious…

  • CVE-2025-22132Jan 7, 2025
    risk 0.00cvss epss 0.00

    WeGIA is a web manager for charitable institutions. A Cross-Site Scripting (XSS) vulnerability was identified in the file upload functionality of the WeGIA/html/socio/sistema/controller/controla_xlsx.php endpoint. By uploading a file containing malicious JavaScript code, an…

  • CVE-2024-53473Dec 7, 2024
    risk 0.00cvss epss 0.01

    WeGIA 3.2.0 before 3998672 does not verify permission to change a password.

Page 9 of 10