CVE-2025-58454

Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.11

Description: WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability exists in the /WeGIA/html/memorando/listar despachos.php endpoint, specifically in the id memorando parameter. This allows an authorized attacker to execute arbitrary SQL queries, potentially leading to unauthorized access to sensitive information.

Recommendations: Update WeGIA to version 3.4.11 or later.