Elisangelasilvademendonca

#7713of 53,633
35.6Total CVSS
Vulnerabilities · 5
Medium
4
Critical
1
PT-2025-34255
6.4
2025-08-21
Wegia · Wegia · CVE-2025-57763
Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.7 Description: WeGIA is a Web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability exists in the `insere despacho.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the cpf sccs file. Recommendations: Update WeGIA to version 3.4.7 or later.
PT-2025-29518
10
2025-07-14
Wegia · Wegia · CVE-2025-53823
Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.5 Description: WeGIA is an open source web manager designed for the Portuguese language and charitable institutions. A SQL Injection vulnerability exists that allows the execution of arbitrary SQL commands, potentially compromising the confidentiality, integrity, and availability of stored data. The vulnerability is located in the `/WeGIA/html/socio/sistema/processa deletar socio.php` endpoint, specifically within the `id socio` parameter. Recommendations: Update WeGIA to version 3.4.5 or later.
PT-2025-29840
6.4
2025-07-11
Wegia · Wegia · CVE-2025-53930
**Name of the Vulnerable Software and Affected Versions** WeGIA versions prior to 3.4.5 **Description** WeGIA is an open source web manager designed for the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability exists in the `adicionar especie.php` endpoint. This allows attackers to inject malicious scripts into the `especie` parameter, which are then stored on the server and executed when users access the affected page. **Recommendations** Update to version 3.4.5 or later.
PT-2025-29841
6.4
2025-07-11
Wegia · Wegia · CVE-2025-53931
**Name of the Vulnerable Software and Affected Versions** WeGIA versions prior to 3.4.5 **Description** WeGIA is an open-source web manager designed for the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability exists in the `adicionar raca.php` endpoint. This allows attackers to inject malicious scripts into the `raca` parameter, which are then stored on the server and executed when users access the affected page. **Recommendations** Update WeGIA to version 3.4.5 or later.
PT-2025-29861
6.4
2025-07-11
Wegia · Wegia · CVE-2025-53932
**Name of the Vulnerable Software and Affected Versions** WeGIA versions prior to 3.4.5 **Description** WeGIA is an open-source web manager designed for Portuguese-speaking users and charitable organizations. A Reflected Cross-Site Scripting (XSS) vulnerability exists in the `cadastro adotante.php` endpoint. Attackers can inject malicious scripts through the `cpf` parameter. **Recommendations** Update to version 3.4.5 or later.