CVE-2025-23220 in WeGIA정보

요약

\~에 의해 MITRE • 2025. 01. 20.

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the WeGIA application, specifically in the adicionar_raca.php endpoint. This vulnerability allows attackers to execute arbitrary SQL commands in the database, allowing unauthorized access to sensitive information. During the exploit, it was possible to perform a complete dump of the application's database, highlighting the severity of the flaw. This vulnerability is fixed in 3.2.10.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

책임이 있는

GitHub M

예약하다

2025. 01. 13.

공개

2025. 01. 20.

모더레이션

수락

항목

VDB-292629

CPE

준비됨

CWE

CWE-89 (확인됨)

CVSS

9.8 (NVD)

EPSS

0.00483

KEV

아니요

활동

매우 낮음

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-23220
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-23220
CVE Details	https://www.cvedetails.com/cve/CVE-2025-23220/

◂ 이전 개요 다음 ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!