Wegia Security Vulnerabilities (CVEs)
Track 101 security vulnerabilities affecting Wegia products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
WeGIA versions before 3.6.2 contain an open redirect vulnerability in the control.php endpoint. Attackers can manipulate the nextPage parameter to red...
Jan 16, 2026This CVE describes an Open Redirect vulnerability in WeGIA web manager for charitable institutions. Attackers can redirect users to malicious external...
Jan 16, 2026This CVE describes a clickjacking vulnerability in WeGIA web management software for charitable institutions. Attackers can embed WeGIA pages in malic...
Jan 16, 2026This is a reflected cross-site scripting (XSS) vulnerability in WeGIA web management software that allows unauthenticated attackers to inject maliciou...
Jan 16, 2026An authenticated SQL injection vulnerability in WeGIA's Atendido_ocorrenciaControle endpoint allows attackers to extract sensitive data from the datab...
Jan 16, 2026A stored cross-site scripting (XSS) vulnerability in WeGIA web manager allows attackers to inject malicious scripts into the 'Atendido' selection drop...
Jan 16, 2026A stored cross-site scripting (XSS) vulnerability in WeGIA web manager allows attackers to inject malicious JavaScript into the adopters information t...
Jan 16, 2026This CVE describes an open redirect vulnerability in WeGIA web management software for charitable institutions. Attackers can redirect users to malici...
Jan 16, 2026This open redirect vulnerability in WeGIA allows attackers to redirect users to malicious external websites by manipulating the nextPage parameter. It...
Jan 16, 2026WeGIA versions before 3.6.2 contain an open redirect vulnerability in the control.php endpoint. Attackers can manipulate the nextPage parameter to red...
Jan 16, 2026CVE-2025-67501 is an SQL injection vulnerability in WeGIA web management software that allows attackers to execute arbitrary SQL commands through the ...
Dec 10, 2025This stored XSS vulnerability in WeGIA allows attackers to inject malicious scripts into employee selection dropdowns, which execute when administrato...
Dec 9, 2025This reflected cross-site scripting (XSS) vulnerability in WeGIA allows attackers to inject malicious scripts via the action parameter in the editar_i...
Oct 21, 2025WeGIA versions before 3.5.1 contain a reflected cross-site scripting (XSS) vulnerability in the editar_info_pessoal.php endpoint. Attackers can inject...
Oct 21, 2025CVE-2025-62358 is a reflected cross-site scripting (XSS) vulnerability in WeGIA web management software that allows attackers to inject malicious Java...
Oct 13, 2025A reflected cross-site scripting (XSS) vulnerability in WeGIA versions before 3.5.0 allows attackers to inject malicious scripts via the id_pet parame...
Oct 13, 2025A SQL injection vulnerability in WeGIA's /html/funcionario/dependente_documento.php endpoint allows attackers to execute arbitrary SQL commands via th...
Oct 13, 2025A SQL injection vulnerability in WeGIA's /html/funcionario/dependente_listar.php endpoint allows attackers to execute arbitrary SQL commands via the i...
Oct 13, 2025CVE-2025-62179 is a SQL injection vulnerability in WeGIA web management software that allows attackers to execute arbitrary SQL commands through the c...
Oct 13, 2025WeGIA versions 3.4.12 and below contain an SQL injection vulnerability in the /pet/profile_pet.php endpoint via the id_pet parameter. This allows atta...
Oct 2, 2025CVE-2025-61665 is a broken access control vulnerability in WeGIA, an open-source web manager for charitable institutions. Unauthenticated attackers ca...
Oct 2, 2025CVE-2025-61603 is a critical SQL injection vulnerability in WeGIA web management software for charitable institutions. Attackers can execute arbitrary...
Oct 2, 2025This SQL injection vulnerability in WeGIA allows attackers to execute arbitrary SQL commands through the control.php endpoint. It affects all WeGIA in...
Sep 27, 2025A reflected cross-site scripting (XSS) vulnerability in WeGIA's listar_despachos.php endpoint allows attackers to inject malicious scripts via the id_...
Sep 8, 2025A SQL injection vulnerability in WeGIA versions 3.4.10 and earlier allows authenticated attackers to execute arbitrary SQL queries through the id_anex...
Sep 8, 2025This vulnerability allows attackers to bypass MIME type validation and upload malicious PHP files disguised as Excel files to WeGIA web servers. Succe...
Sep 8, 2025CVE-2025-58159 is a critical remote code execution vulnerability in WeGIA web management software for charitable institutions. It allows attackers to ...
Aug 29, 2025WeGIA versions before 3.4.7 contain a reflected cross-site scripting vulnerability in the insere_despacho.php endpoint that allows attackers to inject...
Aug 21, 2025A reflected cross-site scripting (XSS) vulnerability in WeGIA web management software allows attackers to inject malicious scripts via the msg_e param...
Aug 21, 2025A reflected cross-site scripting (XSS) vulnerability in WeGIA's pre_cadastro_adotante.php endpoint allows attackers to inject malicious scripts via th...
Aug 21, 2025This SQL injection vulnerability in WeGIA's employee dependent removal endpoint allows attackers to execute arbitrary SQL commands by manipulating the...
Aug 21, 2025CVE-2025-55171 is an authentication bypass vulnerability in WeGIA web management software that allows unauthenticated attackers to delete arbitrary im...
Aug 12, 2025This SQL injection vulnerability in WeGIA allows attackers to execute arbitrary SQL commands through the id_fichamedica parameter in the /html/saude/a...
Aug 12, 2025CVE-2025-55167 is a critical SQL injection vulnerability in WeGIA web management software that allows attackers to execute arbitrary SQL commands thro...
Aug 12, 2025A reflected cross-site scripting (XSS) vulnerability in WeGIA web management software allows attackers to inject malicious scripts via the 'err' param...
Jul 18, 2025A SQL injection vulnerability in WeGIA web management software allows authenticated attackers to execute arbitrary SQL queries through the idatendido ...
Jul 18, 2025A reflected cross-site scripting (XSS) vulnerability in WeGIA versions before 3.4.6 allows attackers to inject malicious scripts via the msg_e paramet...
Jul 18, 2025This SQL injection vulnerability in WeGIA allows attackers to manipulate database queries through the idatendido_familiares parameter, potentially acc...
Jul 17, 2025A SQL injection vulnerability in WeGIA web management software allows attackers to manipulate database queries through the idatendido_familiares param...
Jul 17, 2025A SQL injection vulnerability in WeGIA versions before 3.4.5 allows attackers to manipulate database queries through the id_funcionario parameter in t...
Jul 17, 2025A SQL injection vulnerability in WeGIA's /controle/control.php endpoint allows attackers to execute arbitrary SQL commands via the cargo parameter. Th...
Jul 16, 2025A stored cross-site scripting (XSS) vulnerability in WeGIA's adicionar_especie.php endpoint allows attackers to inject malicious scripts via the 'espe...
Jul 16, 2025A reflected cross-site scripting (XSS) vulnerability in WeGIA's cadastro_adotante.php endpoint allows attackers to inject malicious scripts via the cp...
Jul 16, 2025A stored XSS vulnerability in WeGIA's control.php endpoint allows attackers to inject malicious scripts via the descricao_emergencia parameter. These ...
Jul 16, 2025A reflected cross-site scripting (XSS) vulnerability in WeGIA web management software allows attackers to inject malicious scripts via the 'nome_car' ...
Jul 16, 2025This SQL injection vulnerability in WeGIA allows attackers to execute arbitrary SQL commands through the 'id_socio' parameter in the processa_deletar_...
Jul 14, 2025This CVE describes an Open Redirect vulnerability in WeGIA web management software where attackers can manipulate the 'nextPage' parameter in control....
Jul 14, 2025WeGIA web manager for charitable institutions has a vulnerability where excessively long HTTP GET requests to a specific URL can cause high resource c...
Jul 7, 2025A reflected cross-site scripting (XSS) vulnerability exists in WeGIA's profile_familiar.php endpoint via the id_dependente parameter. Attackers can in...
Jul 7, 2025A time-based blind SQL injection vulnerability exists in the WeGIA web manager for charitable institutions. Attackers can inject arbitrary SQL queries...
Jul 7, 2025Why Monitor Wegia Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 101+ known vulnerabilities affecting Wegia products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Wegia packages in under 60 seconds. No agents required - completely agentless scanning that works across Wegia deployments.
Free vulnerability database: Access detailed information about every Wegia CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Wegia CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
