- Description
- WeGIA is a Web Manager for Charitable Institutions. A SQL Injection vulnerability was discovered in the WeGIA application, `get_detalhes_cobranca.php` endpoint. This vulnerability could allow an authorized attacker to execute arbitrary SQL queries, allowing access to or deletion of sensitive information. This issue has been addressed in version 3.2.12 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
- Source
- security-advisories@github.com
- NVD status
- Analyzed
CVSS 4.0
- Type
- Secondary
- Base score
- 10
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- CRITICAL
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- security-advisories@github.com
- CWE-89
- Hype score
- Not currently trending
CVE-2025-24906 WeGIA is a Web Manager for Charitable Institutions. A SQL Injection vulnerability was discovered in the WeGIA application, `get_detalhes_cobranca.php` endpoint. This … https://t.co/z2Ph4huuCv
@CVEnew
3 Feb 2025
510 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-24906 SQL Injection in WeGIA 3.2.x Web Manager Allowing Unautho... https://t.co/hhM3y2EkAi Don't wait vulnerability scanning results: https://t.co/oh1APvMMnd
@VulmonFeeds
3 Feb 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-24906: CRITICAL] SQL Injection vulnerability found in WeGIA Web Manager's `get_detalhes_cobranca.php`. Update to version 3.2.12 to fix and avoid unauthorized access to sensitive data. No known workarounds.#cybersecurity,#vulnerability https://t.co/fK5qrn50ud https://t.c
@CveFindCom
3 Feb 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A421C69D-AB7C-4DC3-B02E-150D6EA2862D",
"versionEndExcluding": "3.2.12"
}
],
"operator": "OR"
}
]
}
]