Vulnerability Details CVE-2024-57032
WeGIA < 3.2.0 is vulnerable to Incorrect Access Control in controle/control.php. The application does not validate the value of the old password, so it is possible to change the password by placing any value in the senha_antiga field.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.1%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2024-57032
-
cpe:2.3:a:wegia:wegia:0.9.4
-
cpe:2.3:a:wegia:wegia:1.0
-
cpe:2.3:a:wegia:wegia:2.0
-
cpe:2.3:a:wegia:wegia:3.0
-
cpe:2.3:a:wegia:wegia:3.1