Labredescefetrj Wegia vulnerabilities
173 known vulnerabilities affecting labredescefetrj/wegia.
Total CVEs
173
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
CRITICAL36HIGH44MEDIUM92
Vulnerabilities
Page 8 of 9
CVE-2025-23038P4MEDIUMCVSS 5.4fixed in 3.2.62025-01-14
CVE-2025-23038 [MEDIUM] CWE-79 CVE-2025-23038: WeGIA is an open source web manager with a focus on the Portuguese language and charitable instituti
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `remuneracao.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the `descricao` parameter. The injected scripts are s
nvd
CVE-2025-23033P4MEDIUMCVSS 5.4fixed in 3.2.62025-01-14
CVE-2025-23033 [MEDIUM] CWE-79 CVE-2025-23033: WeGIA is an open source web manager with a focus on the Portuguese language and charitable instituti
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_situacao.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the `situacao` parameter. The injected scripts
nvd
CVE-2025-23031P4MEDIUMCVSS 5.4fixed in 3.2.62025-01-14
CVE-2025-23031 [MEDIUM] CWE-79 CVE-2025-23031: WeGIA is an open source web manager with a focus on the Portuguese language and charitable instituti
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_alergia.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the `nome` parameter. The injected scripts are
nvd
CVE-2025-22614P4MEDIUMCVSS 5.4fixed in 3.2.62025-01-13
CVE-2025-22614 [MEDIUM] CWE-79 CVE-2025-22614: WeGIA is an open source web manager with a focus on the Portuguese language and charitable instituti
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `dependente_editarInfoPessoal.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the `nome` and `SobrenomeForm`parame
nvd
CVE-2025-22616P4MEDIUMCVSS 5.4fixed in 3.2.62025-01-13
CVE-2025-22616 [MEDIUM] CWE-79 CVE-2025-22616: WeGIA is an open source web manager with a focus on the Portuguese language and charitable instituti
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `dependente_parentesco_adicionar.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the `descricao` parameter. The in
nvd
CVE-2025-27420P4MEDIUMCVSS 5.4fixed in 3.2.162025-03-03
CVE-2025-27420 [MEDIUM] CWE-79 CVE-2025-27420: WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A St
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the atendido_parentesco_adicionar.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the descricao parameter. The injected scripts
nvd
CVE-2025-53930P4MEDIUMCVSS 5.4fixed in 3.4.52025-07-16
CVE-2025-53930 [MEDIUM] CWE-79 CVE-2025-53930: WeGIA is an open source web manager with a focus on the Portuguese language and charitable instituti
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_especie.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject malicious scripts into the `especie` parameter.
nvd
CVE-2025-53929P4MEDIUMCVSS 5.4fixed in 3.4.52025-07-16
CVE-2025-53929 [MEDIUM] CWE-79 CVE-2025-53929: WeGIA is an open source web manager with a focus on the Portuguese language and charitable instituti
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_cor.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject malicious scripts into the `cor` parameter. The inj
nvd
CVE-2025-53931P4MEDIUMCVSS 5.4fixed in 3.4.52025-07-16
CVE-2025-53931 [MEDIUM] CWE-79 CVE-2025-53931: WeGIA is an open source web manager with a focus on the Portuguese language and charitable instituti
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_raca.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject malicious scripts into the `raca` parameter. The i
nvd
CVE-2025-53933P4MEDIUMCVSS 5.4fixed in 3.4.52025-07-16
CVE-2025-53933 [MEDIUM] CWE-79 CVE-2025-53933: WeGIA is an open source web manager with a focus on the Portuguese language and charitable instituti
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `adicionar_enfermidade.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject malicious scripts into the `nome` parameter
nvd
CVE-2025-53934P4MEDIUMCVSS 5.4fixed in 3.4.52025-07-16
CVE-2025-53934 [MEDIUM] CWE-79 CVE-2025-53934: WeGIA is an open source web manager with a focus on the Portuguese language and charitable instituti
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the `control.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject malicious scripts into the `descricao_emergencia` paramet
nvd
CVE-2025-27418P4MEDIUMCVSS 5.4fixed in 3.2.162025-03-03
CVE-2025-27418 [MEDIUM] CWE-79 CVE-2025-27418: WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A St
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the adicionar_tipo_atendido.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the tipo parameter. The injected scripts are stored
nvd
CVE-2025-22600P4MEDIUMCVSS 6.5fixed in 3.2.82025-01-10
CVE-2025-22600 [MEDIUM] CWE-79 CVE-2025-22600: WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerabi
WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the configuracao_doacao.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the avulso parameter. This vulnerability is fixed in 3.2.8.
nvd
CVE-2025-22599P4MEDIUMCVSS 6.5fixed in 3.2.82025-01-10
CVE-2025-22599 [MEDIUM] CWE-79 CVE-2025-22599: WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerabi
WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the home.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msg_c parameter. This vulnerability is fixed in 3.2.8.
nvd
CVE-2025-22619P4MEDIUMCVSS 6.1fixed in 3.2.62025-01-13
CVE-2025-22619 [MEDIUM] CWE-79 CVE-2025-22619: WeGIA is an open source web manager with a focus on the Portuguese language and charitable instituti
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `editar_permissoes.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the `msg_c` parameter. The application fails t
nvd
CVE-2025-53932P4MEDIUMCVSS 6.1fixed in 3.4.52025-07-16
CVE-2025-53932 [MEDIUM] CWE-79 CVE-2025-53932: WeGIA is an open source web manager with a focus on the Portuguese language and charitable instituti
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `cadastro_adotante.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject malicious scripts in the `cpf` parameter. Ve
nvd
CVE-2025-53936P4MEDIUMCVSS 6.1fixed in 3.4.52025-07-16
CVE-2025-53936 [MEDIUM] CWE-79 CVE-2025-53936: WeGIA is an open source web manager with a focus on the Portuguese language and charitable instituti
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `personalizacao_selecao.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject malicious scripts in the `nome_car` par
nvd
CVE-2025-53822P4MEDIUMCVSS 6.1fixed in 3.4.52025-07-14
CVE-2025-53822 [MEDIUM] CWE-79 CVE-2025-53822: WeGIA is an open source web manager with a focus on the Portuguese language and charitable instituti
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `relatorio_geracao.php` endpoint of the WeGIA application prior to version 3.4.5. This vulnerability allows attackers to inject malicious scripts in the `tipo_relatorio` pa
nvd
CVE-2025-23036P4MEDIUMCVSS 5.4fixed in 3.2.72025-01-14
CVE-2025-23036 [MEDIUM] CWE-79 CVE-2025-23036: WeGIA is an open source web manager with a focus on the Portuguese language and charitable instituti
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the `pre_cadastro_funcionario.php` endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the `msg_e` parameter. The application
nvd
CVE-2025-62178P4MEDIUMCVSS 5.4fixed in 3.5.12025-10-13
CVE-2025-62178 [MEDIUM] CWE-79 CVE-2025-62178: WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prio
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Prior to 3.5.1, a Reflected Cross-Site Scripting (XSS) vulnerability was identified in the /html/atendido/cadastro_atendido_parentesco_pessoa_nova.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the
nvd