Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2025-27499

WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the processa_edicao_socio.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the socio_nome parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. This vulnerability is fixed in 3.2.10.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 9.0%
CVSS Severity
CVSS v3 Score 6.1
Products affected by CVE-2025-27499
  • Wegia » Wegia » Version: 0.9.4
    cpe:2.3:a:wegia:wegia:0.9.4
  • Wegia » Wegia » Version: 1.0
    cpe:2.3:a:wegia:wegia:1.0
  • Wegia » Wegia » Version: 2.0
    cpe:2.3:a:wegia:wegia:2.0
  • Wegia » Wegia » Version: 3.0
    cpe:2.3:a:wegia:wegia:3.0
  • Wegia » Wegia » Version: 3.1
    cpe:2.3:a:wegia:wegia:3.1
  • Wegia » Wegia » Version: 3.2.0
    cpe:2.3:a:wegia:wegia:3.2.0
  • Wegia » Wegia » Version: 3.2.6
    cpe:2.3:a:wegia:wegia:3.2.6
  • Wegia » Wegia » Version: 3.2.7
    cpe:2.3:a:wegia:wegia:3.2.7
  • Wegia » Wegia » Version: 3.2.8
    cpe:2.3:a:wegia:wegia:3.2.8
  • Wegia » Wegia » Version: 3.2.9
    cpe:2.3:a:wegia:wegia:3.2.9


Products
Pricing
Contact Us

Shodan ® - All rights reserved