CVE-2025-55167

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.8

Description: WeGIA is an open-source web manager designed for the Portuguese language and charitable institutions. A SQL Injection vulnerability exists in the /html/funcionario/dependente remover.php API endpoint, specifically affecting the id dependente parameter. Successful exploitation allows attackers to execute arbitrary SQL commands, potentially compromising the confidentiality, integrity, and availability of the database.

Recommendations: Update WeGIA to version 3.4.8 or later.