VYPR

Wegia

by LabRedesCefetRJ

Source repositories

CVEs (166)

  • CVE-2025-22600Jan 10, 2025
    risk 0.00cvss epss 0.00

    WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the configuracao_doacao.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the avulso parameter. This…

  • CVE-2025-22599Jan 10, 2025
    risk 0.00cvss epss 0.00

    WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the home.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msg_c parameter. This vulnerability…

  • CVE-2025-22598Jan 10, 2025
    risk 0.00cvss epss 0.00

    WeGIA is a web manager for charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the cadastrarSocio.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the local_recepcao parameter.…

  • CVE-2025-22597Jan 10, 2025
    risk 0.00cvss epss 0.00

    WeGIA is a web manager for charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the CobrancaController.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the local_recepcao…

  • CVE-2025-22596Jan 10, 2025
    risk 0.00cvss epss 0.00

    WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the modulos_visiveis.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msg_c parameter. This…

  • CVE-2025-22143Jan 8, 2025
    risk 0.00cvss epss 0.00

    WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the listar_permissoes.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msg_e parameter. This…

Page 9 of 9