CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-27096

WeGIA is a Web Manager for Institutions with a focus on Portuguese language. A SQL Injection vulnerability was discovered in the WeGIA application, personalizacao_upload.php endpoint. This vulnerability allow an authorized attacker to execute arbitrary SQL queries, allowing access to sensitive information. This issue has been addressed in version 3.2.14 and all users are advised to upgrade. There are no known workarounds for this vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 19.5%

CVSS Severity

CVSS v3 Score 9.8

References

https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-j856-wh9m-9vpm

Products affected by CVE-2025-27096

Wegia » Wegia » Version: 0.9.4

cpe:2.3:a:wegia:wegia:0.9.4
Wegia » Wegia » Version: 1.0

cpe:2.3:a:wegia:wegia:1.0
Wegia » Wegia » Version: 2.0

cpe:2.3:a:wegia:wegia:2.0
Wegia » Wegia » Version: 3.0

cpe:2.3:a:wegia:wegia:3.0
Wegia » Wegia » Version: 3.1

cpe:2.3:a:wegia:wegia:3.1
Wegia » Wegia » Version: 3.2.0

cpe:2.3:a:wegia:wegia:3.2.0
Wegia » Wegia » Version: 3.2.10

cpe:2.3:a:wegia:wegia:3.2.10
Wegia » Wegia » Version: 3.2.11

cpe:2.3:a:wegia:wegia:3.2.11
Wegia » Wegia » Version: 3.2.12

cpe:2.3:a:wegia:wegia:3.2.12
Wegia » Wegia » Version: 3.2.13

cpe:2.3:a:wegia:wegia:3.2.13
Wegia » Wegia » Version: 3.2.6

cpe:2.3:a:wegia:wegia:3.2.6
Wegia » Wegia » Version: 3.2.7

cpe:2.3:a:wegia:wegia:3.2.7
Wegia » Wegia » Version: 3.2.8

cpe:2.3:a:wegia:wegia:3.2.8
Wegia » Wegia » Version: 3.2.9

cpe:2.3:a:wegia:wegia:3.2.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-27096

Products

Pricing

Contact Us