Metrics
Affected Vendors & Products
Thu, 14 Aug 2025 06:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Wegia
Wegia wegia |
|
CPEs | cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:* | |
Vendors & Products |
Wegia
Wegia wegia |
|
Metrics |
cvssV3_1
|
Tue, 12 Aug 2025 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 12 Aug 2025 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8, a SQL Injection vulnerability was identified in the /html/saude/aplicar_medicamento.php endpoint, specifically in the id_fichamedica parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the confidentiality, integrity, and availability of the database. This issue has been patched in version 3.4.8. | |
Title | WeGIA SQL Injection via id_fichamedica at endpoint `GET /html/saude/aplicar_medicamento.php` | |
Weaknesses | CWE-89 | |
References |
|
|
Metrics |
cvssV4_0
|

Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2025-08-12T19:28:34.701Z
Reserved: 2025-08-07T18:27:23.307Z
Link: CVE-2025-55168

Updated: 2025-08-12T19:28:23.360Z

Status : Analyzed
Published: 2025-08-12T19:15:36.293
Modified: 2025-08-14T01:30:09.880
Link: CVE-2025-55168

No data.

Updated: 2025-08-13T21:47:49Z