Wegia Security Vulnerabilities (CVEs)
Track 101 security vulnerabilities affecting Wegia products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
CVE-2025-50201 is an unauthenticated OS command injection vulnerability in WeGIA web management software that allows attackers to execute arbitrary co...
Jun 19, 2025An unauthenticated SQL injection vulnerability in WeGIA versions up to 3.3.0 allows attackers to execute arbitrary SQL commands via the /html/socio/si...
May 7, 2025WeGIA versions before 3.2.8 have a stored cross-site scripting vulnerability that allows attackers to inject malicious scripts into web pages. These s...
Mar 27, 2025A SQL injection vulnerability in WeGIA web management software allows attackers to manipulate database queries through the nextPage parameter. This en...
Mar 27, 2025This vulnerability allows unauthenticated attackers to reset any user's password without verifying the old password, including admin accounts. It affe...
Mar 27, 2025A stored Cross-Site Scripting (XSS) vulnerability in WeGIA web management software allows attackers to inject malicious scripts that are permanently s...
Mar 27, 2025A SQL injection vulnerability in WeGIA versions before 3.2.8 allows attackers to execute arbitrary SQL commands through the id_funcionario parameter i...
Mar 27, 2025A stored XSS vulnerability in WeGIA's 'adicionar_tipo_docs_atendido.php' endpoint allows attackers to inject malicious scripts via the 'tipo' paramete...
Mar 14, 2025CVE-2025-27419 is a denial-of-service vulnerability in WeGIA web management software that allows unauthenticated attackers to crash servers through ag...
Mar 3, 2025This stored XSS vulnerability in WeGIA allows attackers to inject malicious scripts via the tipo parameter in the adicionar_tipo_atendido.php endpoint...
Mar 3, 2025This SQL injection vulnerability in WeGIA allows authenticated attackers to execute arbitrary SQL queries through the adicionar_tipo_exame.php endpoin...
Feb 24, 2025A SQL injection vulnerability in WeGIA's personalizacao_upload.php endpoint allows authenticated attackers to execute arbitrary SQL queries. This can ...
Feb 20, 2025A SQL injection vulnerability in WeGIA's historico_paciente.php endpoint allows attackers to execute arbitrary SQL queries. This could lead to unautho...
Feb 18, 2025A SQL injection vulnerability in WeGIA's restaurar_produto_desocultar.php endpoint allows authenticated attackers to execute arbitrary SQL queries. Th...
Feb 18, 2025CVE-2025-26612 is a critical SQL injection vulnerability in WeGIA's adicionar_almoxarife.php endpoint that allows attackers to execute arbitrary SQL q...
Feb 18, 2025CVE-2025-26614 is a SQL injection vulnerability in WeGIA's deletar_documento.php endpoint that allows authenticated attackers to execute arbitrary SQL...
Feb 18, 2025A path traversal vulnerability in WeGIA's examples.php endpoint allows attackers to read the config.php file, which contains database credentials. Thi...
Feb 18, 2025A SQL injection vulnerability in WeGIA's deletar_cargo.php endpoint allows authenticated attackers to execute arbitrary SQL queries. This could lead t...
Feb 18, 2025A SQL injection vulnerability in WeGIA's informacao_adicional.php endpoint allows attackers to execute arbitrary SQL queries. This could lead to unaut...
Feb 18, 2025A SQL injection vulnerability in WeGIA's dependente_docdependente.php endpoint allows attackers to execute arbitrary SQL queries. This could lead to u...
Feb 18, 2025This SQL injection vulnerability in WeGIA's get_detalhes_socio.php endpoint allows authenticated attackers to execute arbitrary SQL queries. Attackers...
Feb 3, 2025A SQL injection vulnerability in WeGIA's deletar_permissao.php endpoint allows authenticated attackers to execute arbitrary SQL queries. This could le...
Feb 3, 2025A SQL injection vulnerability in WeGIA's salvar_cargo.php endpoint allows authenticated attackers to execute arbitrary SQL queries. This could lead to...
Feb 3, 2025CVE-2025-24905 is a critical SQL injection vulnerability in WeGIA's get_codigobarras_cobranca.php endpoint that allows authenticated attackers to exec...
Feb 3, 2025This CVE describes an Open Redirect vulnerability in WeGIA web management software for charitable institutions. Authenticated users can be tricked int...
Jan 21, 2025CVE-2025-23218 is a critical SQL injection vulnerability in WeGIA's adicionar_especie.php endpoint that allows attackers to execute arbitrary SQL comm...
Jan 20, 2025CVE-2025-23220 is a critical SQL injection vulnerability in WeGIA's adicionar_raca.php endpoint that allows attackers to execute arbitrary SQL command...
Jan 20, 2025CVE-2024-57035 is a critical SQL injection vulnerability in WeGIA v3.2.0 that allows attackers to execute arbitrary SQL commands via the nextPage para...
Jan 17, 2025CVE-2024-57034 is a critical SQL injection vulnerability in WeGIA versions before 3.2.0 that allows attackers to execute arbitrary SQL commands throug...
Jan 17, 2025Wegia versions below 3.2.0 contain a cross-site scripting vulnerability in the employee documents page that allows attackers to inject malicious scrip...
Jan 17, 2025WeGIA versions below 3.2.0 contain a SQL injection vulnerability in the /funcionario/remuneracao.php endpoint via the id_funcionario parameter. This a...
Jan 17, 2025This stored XSS vulnerability in WeGIA allows attackers to inject malicious scripts through the 'situacao' parameter in the adicionar_situacao.php end...
Jan 14, 2025A stored cross-site scripting (XSS) vulnerability in WeGIA's adicionar_tipo_quadro_horario.php endpoint allows attackers to inject malicious scripts v...
Jan 14, 2025A stored cross-site scripting (XSS) vulnerability in WeGIA's control.php endpoint allows attackers to inject malicious scripts via the cargo parameter...
Jan 14, 2025A stored cross-site scripting (XSS) vulnerability in WeGIA's adicionar_alergia.php endpoint allows attackers to inject malicious scripts via the 'nome...
Jan 14, 2025This CVE describes a Reflected Cross-Site Scripting (XSS) vulnerability in WeGIA's Cadastro_Atendido.php endpoint where the cpf parameter is not prope...
Jan 13, 2025This CVE describes a reflected cross-site scripting (XSS) vulnerability in WeGIA's editar_socio.php endpoint where the 'socio' parameter is not proper...
Jan 13, 2025A reflected cross-site scripting (XSS) vulnerability in WeGIA's editar_permissoes.php endpoint allows attackers to inject malicious scripts via the ms...
Jan 13, 2025This stored XSS vulnerability in WeGIA allows attackers to inject malicious scripts into the 'descricao' parameter of the informacao_adicional.php end...
Jan 13, 2025A reflected cross-site scripting (XSS) vulnerability in WeGIA's modulos_visiveis.php endpoint allows attackers to inject malicious scripts via the msg...
Jan 10, 2025A stored XSS vulnerability in WeGIA's CobrancaController.php endpoint allows attackers to inject malicious scripts via the local_recepcao parameter. T...
Jan 10, 2025A stored XSS vulnerability in WeGIA's cadastrarSocio.php endpoint allows attackers to inject malicious scripts into the local_recepcao parameter. Thes...
Jan 10, 2025A reflected cross-site scripting (XSS) vulnerability exists in WeGIA's home.php endpoint via the msg_c parameter. Attackers can inject malicious scrip...
Jan 10, 2025A SQL injection vulnerability in WeGIA's /dao/verificar_recursos_cargo.php endpoint allows attackers to execute arbitrary SQL commands through the car...
Jan 8, 2025A reflected cross-site scripting (XSS) vulnerability exists in WeGIA's configuracao_geral.php endpoint via the msg_c parameter. Attackers can inject m...
Jan 8, 2025A SQL injection vulnerability in WeGIA's dependente_listar_um.php endpoint allows attackers to execute arbitrary SQL commands through the id_dependent...
Jan 8, 2025This Cross-Site Scripting (XSS) vulnerability in WeGIA's file upload functionality allows attackers to upload malicious files containing JavaScript co...
Jan 7, 2025CVE-2025-22133 is a critical file upload vulnerability in WeGIA web management software that allows unauthenticated attackers to upload malicious .pha...
Jan 7, 2025This vulnerability in WeGIA 3.2.0 allows unauthorized users to change passwords without proper permission checks. It affects all installations of WeGI...
Dec 7, 2024This vulnerability allows attackers to inject malicious scripts into the payment method configuration page of WeGIA v3.2.0. When users view the compro...
Dec 5, 2024Why Monitor Wegia Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 101+ known vulnerabilities affecting Wegia products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Wegia packages in under 60 seconds. No agents required - completely agentless scanning that works across Wegia deployments.
Free vulnerability database: Access detailed information about every Wegia CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Wegia CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
