Metrics
Affected Vendors & Products
Fri, 25 Jul 2025 16:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:* | |
Metrics |
cvssV3_1
|
Fri, 18 Jul 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 16 Jul 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the `/controle/control.php` endpoint, specifically in the `cargo` parameter, of WeGIA prior to version 3.4.5. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the confidentiality, integrity, and availability of the database. Version 3.4.5 fixes the issue. | |
Title | WeGIA has SQL Injection (Blind Time-Based) Vulnerability in `cargo` Parameter on `control.php` Endpoint | |
Weaknesses | CWE-89 | |
References |
| |
Metrics |
cvssV4_0
|

Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2025-07-18T14:35:41.167Z
Reserved: 2025-07-14T17:23:35.261Z
Link: CVE-2025-53937

Updated: 2025-07-18T14:35:29.692Z

Status : Analyzed
Published: 2025-07-16T16:15:29.127
Modified: 2025-07-25T16:37:26.063
Link: CVE-2025-53937

No data.

Updated: 2025-07-21T15:17:25Z