PT-2025-40426 · Wegia · Wegia

Marcelomulder · Published 2025-10-02 · Updated 2025-10-07 · CVE-2025-61605

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: WeGIA versions 3.4.12 and below

Description: WeGIA is an open source web manager designed for charitable institutions. A SQL Injection issue exists in the `id_pet` parameter of the `/pet/profile_pet.php` API endpoint. This allows attackers to execute arbitrary SQL commands, potentially compromising the database's confidentiality, integrity, and availability. The issue allows for full database takeover with low privileges.

Recommendations: Update to version 3.5.0 or later.

Exploit

Fix

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2025-61605
GHSA-8963-9833-GPX7

Affected Products

Wegia