CVE-2025-58453

Name of the Vulnerable Software and Affected Versions: WeGIA versions 3.4.10 and prior

Description: WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability exists in the /WeGIA/html/memorando/exibe anexo.php API endpoint, specifically in the id anexo parameter. This allows an attacker to execute arbitrary SQL queries and potentially access sensitive information.

Recommendations: Update WeGIA to version 3.4.11 or later.