CVE-2025-23218 – WeGIA SQL Injection Vulnerability

CVE ID : CVE-2025-23218

Published : Jan. 20, 2025, 4:15 p.m. | 8 hours, 49 minutes ago

Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the WeGIA application, specifically in the adicionar_especie.php endpoint. This vulnerability allows attackers to execute arbitrary SQL commands in the database, allowing unauthorized access to sensitive information. During the exploit, it was possible to perform a complete dump of the application’s database, highlighting the severity of the flaw. This vulnerability is fixed in 3.2.10.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-23218 – WeGIA SQL Injection Vulnerability