Vulnerability Database

308,485

Total vulnerabilities in the database

CVE-2025-58454

WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was identified in WeGIA versions 3.4.10 and prior inthe endpoint /WeGIA/html/memorando/listar_despachos.php, in the id_memorando parameter. This vulnerability allow an authorized attacker to execute arbitrary SQL queries, allowing access to sensitive information. Version 3.4.11 contains a patch.

Published: Sep 8, 2025
Updated: Nov 16, 2025
CVE: CVE-2025-58454
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.2
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

CWEs:

CWE-89

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
wegia / wegia	-	3.4.11

https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-ghfh-g6rg-jmqf

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo