Latest vulnerabilities for "wegia"

10

EPSS

0.04%

First published 7d ago (updated 6d ago)

CVE-2025-30367

WeGIAWeGIA vulnerable to Stored XSS in personalizacao.php

6.2

EPSS

0.06%

First published 7d ago (updated 6d ago)

CVE-2025-30366

WeGIASQL Injection in query_geracao_auto.php

9.4

EPSS

0.05%

First published 7d ago (updated 6d ago)

CVE-2025-30365

WeGIAWeGIA vulnerable to SQL Injection (Blind Time-Based) in remuneracao.php parameter id_funcionario

10

EPSS

0.07%

First published 7d ago (updated 6d ago)

CVE-2025-30364

WeGIAWeGIA vulnerable to Stored XSS in documentos_funcionario.php parameter dados_addInfo

6.4

EPSS

0.06%

First published 7d ago (updated 6d ago)

CVE-2025-30363

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

WeGIAWeGIA Vulnerable to Broken Authentication - Old Password Validation

9.3

EPSS

0.07%

First published 7d ago (updated 6d ago)

CVE-2025-30361

WeGIAWeGIA Cross-Site Scripting (XSS) Stored in endpoint `adicionar_tipo_docs_atendido.php` parameter `tipo`

6.4

EPSS

0.03%

First published 3w ago (updated 1w ago)

CVE-2025-29782

WeGIAWeGIA has a stored Cross-Site Scripting (XSS) in 'processa_edicao_socio.php' via the 'socio_nome' parameter

6.4

EPSS

0.03%

First published 1mo ago (updated 4w ago)

CVE-2025-27499

WeGIADenial of Service (DoS) in WeGIA due to Recursive Crawling of Dynamic URLs

9.2

EPSS

0.13%

First published 1mo ago (updated 4w ago)

CVE-2025-27419

WeGIAWeGIA contains a Stored Cross-Site Scripting (XSS) in 'atendido_parentesco_adicionar.php' via the 'descricao' parameter

6.4

EPSS

0.06%

First published 1mo ago (updated 4w ago)

CVE-2025-27420

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

WeGIAWeGIA contains a Stored Cross-Site Scripting (XSS) in 'adicionar_tipo_atendido.php' via the 'tipo' parameter

6.4

EPSS

0.06%

First published 1mo ago (updated 4w ago)

CVE-2025-27418

WeGIAWeGIA Contains a Stored Cross-Site Scripting (XSS) in 'adicionar_status_atendido.php' via the 'status' parameter

6.4

EPSS

0.06%

First published 1mo ago (updated 4w ago)

CVE-2025-27417

WeGIAWeGIA vulnerable to OS Command Injection at endpoint 'importar_dump.php' parameter 'import' (RCE)

10

EPSS

0.49%

First published 1mo ago (updated 1mo ago)

CVE-2025-27140

WeGIAWeGIA has SQL Injection endpoint at 'dao/pet/adicionar_tipo_exame.php' parameter 'tipo_exame'

9.4

EPSS

0.04%

First published 1mo ago (updated 1mo ago)

CVE-2025-27133

WeGIASQL Injection endpoint 'html/personalizacao_upload.php' parameter 'id_campo' in WeGIA

9.8

EPSS

0.04%

First published 1mo ago (updated 1mo ago)

CVE-2025-27096

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

WeGIASQL Injection endpoint 'deletar_cargo.php' parameter 'id_cargo' in WeGIA

9.4

EPSS

0.04%

First published 1mo ago (updated 1mo ago)

CVE-2025-26605

WeGIASQL Injection endpoint 'informacao_adicional.php' parameter 'id_descricao' in WeGIA

10

EPSS

0.05%

First published 1mo ago (updated 1mo ago)

CVE-2025-26606

WeGIASQL Injection endpoint 'documento_excluir.php' parameter 'id_funcionario' in WeGIA

10

EPSS

0.05%

First published 1mo ago (updated 1mo ago)

CVE-2025-26607

WeGIASQL Injection endpoint 'dependente_docdependente.php' parameter 'id_dependente', 'id_doc' in WeGIA

10

EPSS

0.05%

First published 1mo ago (updated 1mo ago)

CVE-2025-26608

WeGIASQL Injection endpoint 'familiar_docfamiliar.php' parameter 'id_dependente', 'id_doc' in WeGIA

10

EPSS

0.05%

First published 1mo ago (updated 1mo ago)

CVE-2025-26609

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

WeGIASQL Injection endpoint 'restaurar_produto_desocultar.php' parameter 'id_produto' in WeGIA

9.8

EPSS

0.04%

First published 1mo ago (updated 1mo ago)

CVE-2025-26610

WeGIASQL Injection endpoint 'remover_produto.php' parameter 'id_produto' in WeGIA

10

EPSS

0.05%

First published 1mo ago (updated 1mo ago)

CVE-2025-26611

WeGIASQL Injection endpoint 'adicionar_almoxarife.php' parameter 'id_almoxarifado', 'id_funcionario' in WeGIA

10

EPSS

0.05%

First published 1mo ago (updated 1mo ago)

CVE-2025-26612

WeGIAOS Command Injection endpoint 'gerenciar_backup.php' parameter 'file' (RCE) in WeGIA

10

EPSS

0.28%

First published 1mo ago (updated 1mo ago)

CVE-2025-26613

WeGIASQL Injection endpoint 'deletar_documento.php' parameter 'id_cargo' in WeGIA

9.4

EPSS

0.04%

First published 1mo ago (updated 1mo ago)

CVE-2025-26614

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

WeGIAPath Traversal endpoint 'examples.php' parameter 'src' in WeGIA

10

EPSS

0.09%

First published 1mo ago (updated 1mo ago)

CVE-2025-26615

WeGIAPath Traversal endpoint 'exportar_dump.php' parameter 'file' in WeGIA

10

EPSS

0.09%

First published 1mo ago (updated 1mo ago)

CVE-2025-26616

WeGIASQL Injection endpoint 'historico_paciente.php' parameter 'id_fichamedica' in WeGIA

10

EPSS

0.05%

First published 1mo ago (updated 1mo ago)

CVE-2025-26617

WeGIASQL Injection endpoint 'deletar_permissao.php' parameter 'c', 'a', 'r' in WeGIA

9.4

EPSS

0.05%

First published 2mo ago (updated 2mo ago)

CVE-2025-24901

WeGIASQL Injection endpoint 'salvar_cargo.php' parameter 'id_cargo' in WeGIA

9.4

EPSS

0.05%

First published 2mo ago (updated 2mo ago)

CVE-2025-24902

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.