CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-46828

WeGIA is a web manager for charitable institutions. An unauthenticated SQL Injection vulnerability was identified in versions up to and including 3.3.0 in the endpoint `/html/socio/sistema/get_socios.php`, specifically in the query parameter. This issue allows attackers to inject and execute arbitrary SQL statements against the application's underlying database. As a result, it may lead to data exfiltration, authentication bypass, or complete database compromise. Version 3.3.1 fixes the issue.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 42.2%

CVSS Severity

CVSS v3 Score 9.8

References

Products affected by CVE-2025-46828

Wegia » Wegia » Version: 0.9.4

cpe:2.3:a:wegia:wegia:0.9.4
Wegia » Wegia » Version: 1.0

cpe:2.3:a:wegia:wegia:1.0
Wegia » Wegia » Version: 2.0

cpe:2.3:a:wegia:wegia:2.0
Wegia » Wegia » Version: 3.0

cpe:2.3:a:wegia:wegia:3.0
Wegia » Wegia » Version: 3.1

cpe:2.3:a:wegia:wegia:3.1
Wegia » Wegia » Version: 3.2.0

cpe:2.3:a:wegia:wegia:3.2.0
Wegia » Wegia » Version: 3.2.10

cpe:2.3:a:wegia:wegia:3.2.10
Wegia » Wegia » Version: 3.2.11

cpe:2.3:a:wegia:wegia:3.2.11
Wegia » Wegia » Version: 3.2.12

cpe:2.3:a:wegia:wegia:3.2.12
Wegia » Wegia » Version: 3.2.13

cpe:2.3:a:wegia:wegia:3.2.13
Wegia » Wegia » Version: 3.2.14

cpe:2.3:a:wegia:wegia:3.2.14
Wegia » Wegia » Version: 3.2.15

cpe:2.3:a:wegia:wegia:3.2.15
Wegia » Wegia » Version: 3.2.16

cpe:2.3:a:wegia:wegia:3.2.16
Wegia » Wegia » Version: 3.2.17

cpe:2.3:a:wegia:wegia:3.2.17
Wegia » Wegia » Version: 3.2.6

cpe:2.3:a:wegia:wegia:3.2.6
Wegia » Wegia » Version: 3.2.7

cpe:2.3:a:wegia:wegia:3.2.7
Wegia » Wegia » Version: 3.2.8

cpe:2.3:a:wegia:wegia:3.2.8
Wegia » Wegia » Version: 3.2.9

cpe:2.3:a:wegia:wegia:3.2.9
Wegia » Wegia » Version: 3.3.0

cpe:2.3:a:wegia:wegia:3.3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-46828

Products

Pricing

Contact Us