Vendor CVEs
Wegia
All CVEs
183 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-57034 | 0.00 | — | 0.01 | Jan 17, 2025 | WeGIA < 3.2.0 is vulnerable to SQL Injection in query_geracao_auto.php via the query parameter. | |||
| CVE-2024-57031 | 0.00 | — | 0.01 | Jan 17, 2025 | WeGIA < 3.2.0 is vulnerable to SQL Injection in /funcionario/remuneracao.php via the id_funcionario parameter. | |||
| CVE-2025-23038 | 0.00 | — | 0.00 | Jan 13, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `remuneracao.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject… | |||
| CVE-2025-23030 | 0.00 | — | 0.00 | Jan 13, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `cadastro_funcionario.php` endpoint of the WeGIA application. This vulnerability allows attackers… | |||
| CVE-2025-23031 | 0.00 | — | 0.00 | Jan 13, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_alergia.php` endpoint of the WeGIA application. This vulnerability allows attackers to… | |||
| CVE-2025-23032 | 0.00 | — | 0.00 | Jan 13, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_escala.php` endpoint of the WeGIA application. This vulnerability allows attackers to… | |||
| CVE-2025-23033 | 0.00 | — | 0.00 | Jan 13, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_situacao.php` endpoint of the WeGIA application. This vulnerability allows attackers to… | |||
| CVE-2025-23034 | 0.00 | — | 0.00 | Jan 13, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `tags.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject… | |||
| CVE-2025-23035 | 0.00 | — | 0.00 | Jan 13, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_tipo_quadro_horario.php` endpoint of the WeGIA application. This vulnerability allows… | |||
| CVE-2025-23036 | 0.00 | — | 0.00 | Jan 13, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `pre_cadastro_funcionario.php` endpoint of the WeGIA application. This vulnerability allows… | |||
| CVE-2025-23037 | 0.00 | — | 0.00 | Jan 13, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `control.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject… | |||
| CVE-2025-22613 | 0.00 | — | 0.00 | Jan 13, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `informacao_adicional.php` endpoint of the WeGIA application. This vulnerability allows attackers to… | |||
| CVE-2025-22614 | 0.00 | — | 0.00 | Jan 13, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `dependente_editarInfoPessoal.php` endpoint of the WeGIA application. This vulnerability allows… | |||
| CVE-2025-22615 | 0.00 | — | 0.00 | Jan 13, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `Cadastro_Atendido.php` endpoint of the WeGIA application. This vulnerability allows attackers to… | |||
| CVE-2025-22616 | 0.00 | — | 0.00 | Jan 13, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `dependente_parentesco_adicionar.php` endpoint of the WeGIA application. This vulnerability allows… | |||
| CVE-2025-22617 | 0.00 | — | 0.00 | Jan 13, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `editar_socio.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject… | |||
| CVE-2025-22618 | 0.00 | — | 0.00 | Jan 13, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_cargo.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject… | |||
| CVE-2025-22619 | 0.00 | — | 0.00 | Jan 13, 2025 | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `editar_permissoes.php` endpoint of the WeGIA application. This vulnerability allows attackers to… | |||
| CVE-2025-22600 | 0.00 | — | 0.00 | Jan 10, 2025 | WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the configuracao_doacao.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the avulso parameter. This… | |||
| CVE-2025-22599 | 0.00 | — | 0.00 | Jan 10, 2025 | WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the home.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msg_c parameter. This vulnerability… | |||
| CVE-2025-22598 | 0.00 | — | 0.00 | Jan 10, 2025 | WeGIA is a web manager for charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the cadastrarSocio.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the local_recepcao parameter.… | |||
| CVE-2025-22597 | 0.00 | — | 0.00 | Jan 10, 2025 | WeGIA is a web manager for charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the CobrancaController.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the local_recepcao… | |||
| CVE-2025-22596 | 0.00 | — | 0.00 | Jan 10, 2025 | WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the modulos_visiveis.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msg_c parameter. This… | |||
| CVE-2025-22143 | 0.00 | — | 0.00 | Jan 8, 2025 | WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the listar_permissoes.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msg_e parameter. This… | |||
| CVE-2025-22141 | 0.00 | — | 0.01 | Jan 8, 2025 | WeGIA is a web manager for charitable institutions. A SQL Injection vulnerability was identified in the /dao/verificar_recursos_cargo.php endpoint, specifically in the cargo parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the… | |||
| CVE-2025-22139 | 0.00 | — | 0.00 | Jan 8, 2025 | WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the configuracao_geral.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msg_c parameter. This… | |||
| CVE-2025-22140 | 0.00 | — | 0.01 | Jan 8, 2025 | WeGIA is a web manager for charitable institutions. A SQL Injection vulnerability was identified in the /html/funcionario/dependente_listar_um.php endpoint, specifically in the id_dependente parameter. This vulnerability allows attackers to execute arbitrary SQL commands,… | |||
| CVE-2025-22133 | 0.00 | — | 0.01 | Jan 7, 2025 | WeGIA is a web manager for charitable institutions. Prior to 3.2.8, a critical vulnerability was identified in the /WeGIA/html/socio/sistema/controller/controla_xlsx.php endpoint. The endpoint accepts file uploads without proper validation, allowing the upload of malicious… | |||
| CVE-2025-22132 | 0.00 | — | 0.00 | Jan 7, 2025 | WeGIA is a web manager for charitable institutions. A Cross-Site Scripting (XSS) vulnerability was identified in the file upload functionality of the WeGIA/html/socio/sistema/controller/controla_xlsx.php endpoint. By uploading a file containing malicious JavaScript code, an… | |||
| CVE-2024-53473 | 0.00 | — | 0.01 | Dec 7, 2024 | WeGIA 3.2.0 before 3998672 does not verify permission to change a password. | |||
| CVE-2024-53470 | 0.00 | — | 0.00 | Dec 5, 2024 | Multiple stored cross-site scripting (XSS) vulnerabilities in the component /configuracao/gateway_pagamento.php of WeGIA v3.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the id or name parameter. | |||
| CVE-2024-53471 | 0.00 | — | 0.00 | Dec 5, 2024 | Multiple stored cross-site scripting (XSS) vulnerabilities in the component /configuracao/meio_pagamento.php of WeGIA v3.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the id or name parameter. | |||
| CVE-2024-53472 | 0.00 | — | 0.00 | Dec 5, 2024 | WeGIA v3.2.0 was discovered to contain a Cross-Site Request Forgery (CSRF). |
- CVE-2024-57034Jan 17, 2025risk 0.00cvss —epss 0.01
WeGIA < 3.2.0 is vulnerable to SQL Injection in query_geracao_auto.php via the query parameter.
- CVE-2024-57031Jan 17, 2025risk 0.00cvss —epss 0.01
WeGIA < 3.2.0 is vulnerable to SQL Injection in /funcionario/remuneracao.php via the id_funcionario parameter.
- CVE-2025-23038Jan 13, 2025risk 0.00cvss —epss 0.00
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `remuneracao.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject…
- CVE-2025-23030Jan 13, 2025risk 0.00cvss —epss 0.00
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `cadastro_funcionario.php` endpoint of the WeGIA application. This vulnerability allows attackers…
- CVE-2025-23031Jan 13, 2025risk 0.00cvss —epss 0.00
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_alergia.php` endpoint of the WeGIA application. This vulnerability allows attackers to…
- CVE-2025-23032Jan 13, 2025risk 0.00cvss —epss 0.00
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_escala.php` endpoint of the WeGIA application. This vulnerability allows attackers to…
- CVE-2025-23033Jan 13, 2025risk 0.00cvss —epss 0.00
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_situacao.php` endpoint of the WeGIA application. This vulnerability allows attackers to…
- CVE-2025-23034Jan 13, 2025risk 0.00cvss —epss 0.00
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `tags.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject…
- CVE-2025-23035Jan 13, 2025risk 0.00cvss —epss 0.00
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_tipo_quadro_horario.php` endpoint of the WeGIA application. This vulnerability allows…
- CVE-2025-23036Jan 13, 2025risk 0.00cvss —epss 0.00
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `pre_cadastro_funcionario.php` endpoint of the WeGIA application. This vulnerability allows…
- CVE-2025-23037Jan 13, 2025risk 0.00cvss —epss 0.00
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `control.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject…
- CVE-2025-22613Jan 13, 2025risk 0.00cvss —epss 0.00
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `informacao_adicional.php` endpoint of the WeGIA application. This vulnerability allows attackers to…
- CVE-2025-22614Jan 13, 2025risk 0.00cvss —epss 0.00
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `dependente_editarInfoPessoal.php` endpoint of the WeGIA application. This vulnerability allows…
- CVE-2025-22615Jan 13, 2025risk 0.00cvss —epss 0.00
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `Cadastro_Atendido.php` endpoint of the WeGIA application. This vulnerability allows attackers to…
- CVE-2025-22616Jan 13, 2025risk 0.00cvss —epss 0.00
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `dependente_parentesco_adicionar.php` endpoint of the WeGIA application. This vulnerability allows…
- CVE-2025-22617Jan 13, 2025risk 0.00cvss —epss 0.00
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `editar_socio.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject…
- CVE-2025-22618Jan 13, 2025risk 0.00cvss —epss 0.00
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_cargo.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject…
- CVE-2025-22619Jan 13, 2025risk 0.00cvss —epss 0.00
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `editar_permissoes.php` endpoint of the WeGIA application. This vulnerability allows attackers to…
- CVE-2025-22600Jan 10, 2025risk 0.00cvss —epss 0.00
WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the configuracao_doacao.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the avulso parameter. This…
- CVE-2025-22599Jan 10, 2025risk 0.00cvss —epss 0.00
WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the home.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msg_c parameter. This vulnerability…
- CVE-2025-22598Jan 10, 2025risk 0.00cvss —epss 0.00
WeGIA is a web manager for charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the cadastrarSocio.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the local_recepcao parameter.…
- CVE-2025-22597Jan 10, 2025risk 0.00cvss —epss 0.00
WeGIA is a web manager for charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the CobrancaController.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the local_recepcao…
- CVE-2025-22596Jan 10, 2025risk 0.00cvss —epss 0.00
WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the modulos_visiveis.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msg_c parameter. This…
- CVE-2025-22143Jan 8, 2025risk 0.00cvss —epss 0.00
WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the listar_permissoes.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msg_e parameter. This…
- CVE-2025-22141Jan 8, 2025risk 0.00cvss —epss 0.01
WeGIA is a web manager for charitable institutions. A SQL Injection vulnerability was identified in the /dao/verificar_recursos_cargo.php endpoint, specifically in the cargo parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the…
- CVE-2025-22139Jan 8, 2025risk 0.00cvss —epss 0.00
WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the configuracao_geral.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msg_c parameter. This…
- CVE-2025-22140Jan 8, 2025risk 0.00cvss —epss 0.01
WeGIA is a web manager for charitable institutions. A SQL Injection vulnerability was identified in the /html/funcionario/dependente_listar_um.php endpoint, specifically in the id_dependente parameter. This vulnerability allows attackers to execute arbitrary SQL commands,…
- CVE-2025-22133Jan 7, 2025risk 0.00cvss —epss 0.01
WeGIA is a web manager for charitable institutions. Prior to 3.2.8, a critical vulnerability was identified in the /WeGIA/html/socio/sistema/controller/controla_xlsx.php endpoint. The endpoint accepts file uploads without proper validation, allowing the upload of malicious…
- CVE-2025-22132Jan 7, 2025risk 0.00cvss —epss 0.00
WeGIA is a web manager for charitable institutions. A Cross-Site Scripting (XSS) vulnerability was identified in the file upload functionality of the WeGIA/html/socio/sistema/controller/controla_xlsx.php endpoint. By uploading a file containing malicious JavaScript code, an…
- CVE-2024-53473Dec 7, 2024risk 0.00cvss —epss 0.01
WeGIA 3.2.0 before 3998672 does not verify permission to change a password.
- CVE-2024-53470Dec 5, 2024risk 0.00cvss —epss 0.00
Multiple stored cross-site scripting (XSS) vulnerabilities in the component /configuracao/gateway_pagamento.php of WeGIA v3.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the id or name parameter.
- CVE-2024-53471Dec 5, 2024risk 0.00cvss —epss 0.00
Multiple stored cross-site scripting (XSS) vulnerabilities in the component /configuracao/meio_pagamento.php of WeGIA v3.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the id or name parameter.
- CVE-2024-53472Dec 5, 2024risk 0.00cvss —epss 0.00
WeGIA v3.2.0 was discovered to contain a Cross-Site Request Forgery (CSRF).
Page 4 of 4