PT-2025-50293 · Wegia · Wegia

L0Gs3C · Published 2025-12-09 · Updated 2025-12-10 · CVE-2025-67501

CVSS v4.0: 9.4 Critical

Vector: AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Name of the Vulnerable Software and Affected Versions

WeGIA versions 3.5.4 and below

Description

WeGIA is a web manager for institutions, primarily for Portuguese language users. The application does not properly validate and sanitize user input in the id_categoria parameter of the /html/matPat/editar_categoria.php endpoint, allowing attackers to inject malicious SQL payloads that are executed directly. Exploitation requires administrative privileges and could lead to complete system compromise.

Recommendations

Update to version 3.5.5 or later.

Exploit

Fix

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2025-67501
GHSA-HJ2X-QFM3-2869

Affected Products

Wegia