CVE-2025-50201 – WeGIA Web Manager OS Command Injection Vulnerability

June 19, 2025

CVE ID : CVE-2025-50201

Published : June 19, 2025, 4:15 a.m. | 51 minutes ago

Description : WeGIA is a web manager for charitable institutions. Prior to version 3.4.2, an OS Command Injection vulnerability was identified in the /html/configuracao/debug_info.php endpoint. The branch parameter is not properly sanitized before being concatenated and executed in a shell command on the server’s operating system. This flaw allows an unauthenticated attacker to execute arbitrary commands on the server with the privileges of the web server user (www-data). This issue has been patched in version 3.4.2.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4479 – ElementsKit Elementor Addons and Templates WordPress Stored Cross-Site Scripting

Next Article CVE-2025-4367 – WordPress Download Manager Stored Cross-Site Scripting Vulnerability

Highlights

CVE-2025-7833 – Church Donation System SQL Injection Vulnerability

July 19, 2025

CVE ID : CVE-2025-7833

Published : July 19, 2025, 4:15 p.m. | 7 hours, 38 minutes ago

Description : A vulnerability, which was classified as critical, has been found in code-projects Church Donation System 1.0. This issue affects some unknown processing of the file /members/giving.php. The manipulation of the argument Amount leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

15 Essential Skills to Look for When Hiring Node.js Developers for Enterprise Projects (2025-2026)

African training program creates developers with cloud-native skills

React.js for SaaS Platforms: How Top Development Teams Help Startups Launch Faster

Upwork Freelancers vs Dedicated React.js Teams: What’s Better for Your Project in 2025?

Automate your project with GitHub Models in Actions

Thinking Deeply About Theming and Color Naming

Wish You Were Here – Win a Free Ticket to Penpot Fest 2025!

CodeSOD: Concatenated Validation

Using GitHub Copilot in VS Code

Using GitHub Copilot in VS Code

Optimizely Mission Control – Part I

Highlights from the 2025 Formula SAE and Formula Student Season

Top 20 kubectl Commands Every Kubernetes Beginner Must Know

Top 20 kubectl Commands Every Kubernetes Beginner Must Know

Microsoft’s record stock run collides with Nadella’s admission that 15,000 layoffs still ‘hurt’

Microsoft and Adobe Power Up Fantasy Premier League Fans with AI – Here’s How

CVE-2025-50201 – WeGIA Web Manager OS Command Injection Vulnerability

PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads

The Wild West of Shadow IT

CVE-2025-0831 – SOLIDWORKS eDrawings JT File Out-Of-Bounds Read Arbitrary Code Execution

Starting Redwood Experience with 25A Inventory Management

Ivanti Bugs Exploited Even After Three Months of Patch Availability

Ransomware scum disrupted utility services with SimpleHelp attacks

CVE-2025-7833 – Church Donation System SQL Injection Vulnerability

CVE-2025-26692 – Quick Agent Path Traversal Vulnerability

CVE-2025-53108 – HomeBox Unauthenticated Attachment Manipulation Vulnerability

Stretch Break Linux App Reminds You to Stop Pixel-Gawping

CVE-2025-50201 – WeGIA Web Manager OS Command Injection Vulnerability

Related Posts