CVE-2025-54060

Name of the Vulnerable Software and Affected Versions WeGIA versions prior to 3.4.6

Description WeGIA is an open source web manager. A SQL Injection issue was identified that allows an attacker to manipulate SQL queries and access sensitive database information. The vulnerability exists in the idatendido familiares parameter of the /html/funcionario/dependente editarInfoPessoal.php endpoint.

Recommendations Update to version 3.4.6 or later.