CVE-2025-46828 – WeGIA Web Manager SQL Injection Vulnerability

May 7, 2025

CVE ID : CVE-2025-46828

Published : May 7, 2025, 6:15 p.m. | 1 hour, 20 minutes ago

Description : WeGIA is a web manager for charitable institutions. An unauthenticated SQL Injection vulnerability was identified in versions up to and including 3.3.0 in the endpoint `/html/socio/sistema/get_socios.php`, specifically in the query parameter. This issue allows attackers to inject and execute arbitrary SQL statements against the application’s underlying database. As a result, it may lead to data exfiltration, authentication bypass, or complete database compromise. Version 3.3.1 fixes the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-47423 – Furbo Personal Weather Station File Disclosure Vulnerability

Next Article CVE-2025-47203 – Dropbear SSH Command Injection Vulnerability

Highlights

CVE-2025-7546 – GNU Binutils Out-of-Bounds Write Vulnerability

July 13, 2025

CVE ID : CVE-2025-7546

Published : July 13, 2025, 10:15 p.m. | 2 hours, 15 minutes ago

Description : A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfd_elf_set_group_contents of the file bfd/elf.c. The manipulation leads to out-of-bounds write. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The name of the patch is 41461010eb7c79fee7a9d5f6209accdaac66cc6b. It is recommended to apply a patch to fix this issue.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: Functionally, a Date

Creating Elastic And Bounce Effects With Expressive Animator

Microsoft shares Insiders preview of Visual Studio 2026

From Data To Decisions: UX Strategies For Real-Time Dashboards

DistroWatch Weekly, Issue 1139

Building personal apps with open source and AI

What Can We Actually Do With corner-shape?

Craft, Clarity, and Care: The Story and Work of Mengchu Yao

Can I use React Server Components (RSCs) today?

Can I use React Server Components (RSCs) today?

Perficient Named among Notable Providers in Forrester’s Q3 2025 Commerce Services Landscape

Sarah McDowell Helps Clients Build a Strong AI Foundation Through Salesforce

I Ran Local LLMs on My Android Phone

I Ran Local LLMs on My Android Phone

DistroWatch Weekly, Issue 1139

sudo vs sudo-rs: What You Need to Know About the Rust Takeover of Classic Sudo Command

CVE-2025-46828 – WeGIA Web Manager SQL Injection Vulnerability

Cursor AI Code Editor Flaw Enables Silent Code Execution via Malicious Repositories

Introducing HybridPetya: Petya/NotPetya copycat with UEFI Secure Boot bypass

AMD Warns of Transient Scheduler Attacks Affecting Wide Range of Chipsets

CVE-2025-49200 – VMware vSphere Unencrypted Backup Files Information Disclosure

Sunshine And March Vibes (2025 Wallpapers Edition)

CVE-2013-10061 – Netgear Router OS Command Injection Vulnerability

CVE-2025-7546 – GNU Binutils Out-of-Bounds Write Vulnerability

Agency Assassin

JavaScript vs C#: How to Choose the Right Language as a Beginner

Microsoft Patches Four Critical Azure and Power Apps Vulnerabilities, Including CVSS 10 Privilege Escalation

CVE-2025-46828 – WeGIA Web Manager SQL Injection Vulnerability

Related Posts