CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Wegia: >> Wegia >> 3.3.0 Security Vulnerabilities

CVE-2025-46828

WeGIA is a web manager for charitable institutions. An unauthenticated SQL Injection vulnerability was identified in versions up to and including 3.3.0 in the endpoint `/html/socio/sistema/get_socios.php`, specifically in the query parameter. This issue allows attackers to inject and execute arbitrary SQL statements against the application's underlying database. As a result, it may lead to data exfiltration, authentication bypass, or complete database compromise. Version 3.3.1 fixes the issue.

CVSS Score

9.8

EPSS Score

0.002

Published

2025-05-07

Page 7

Vulnerabilities

Vulnerable Software

Wegia: >> Wegia >> 3.3.0 Security Vulnerabilities

Products

Pricing

Contact Us