CVE-2025-53091 – WeGIA Time-Based Blind SQL Injection

June 27, 2025

CVE ID : CVE-2025-53091

Published : June 27, 2025, 3:15 p.m. | 3 hours, 57 minutes ago

Description : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A Time-Based Blind SQL Injection vulnerability was discovered in version 3.3.3 the almox parameter of the `/controle/getProdutosPorAlmox.php` endpoint. This issue allows any unauthenticated attacker to inject arbitrary SQL queries, potentially leading to unauthorized data access or further exploitation depending on database configuration. Version 3.4.0 fixes the issue.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-52553 – Authentik RAC Token Session Hijacking Vulnerability

Next Article CVE-2023-38007 – IBM Cloud Pak System HTML Injection Vulnerability

How AI further empowers value stream management

12 Top ReactJS Development Companies in 2025

Not sure where to go with AI? Here’s your roadmap.

This week in AI dev tools: A2A donated to Linux Foundation, OpenAI adds Deep Research to API, and more (June 27, 2025)

Capcom’s finally giving Street Fighter 6 players the outfits they’ve wanted — when all else fails, send in swimsuits

After 14 years, Monster Hunter Wilds is bringing back underwater combat alongside “Lagiacrus” and another familiar monster — the impossible has happened

OpenAI may prematurely declare AGI to cut ties with Microsoft — despite Sam Altman admitting today’s tech isn’t built for it

Forget YouTube’s ad blocker war — this Google AI Overviews clone might finally sell me on the $14/month Premium subscription

Say hello to ECMAScript 2025

Say hello to ECMAScript 2025

Ecma International approves ECMAScript 2025: What’s new?

Building Together: PRFT Colleagues Volunteer with Atlanta Habitat for Humanity

Capcom’s finally giving Street Fighter 6 players the outfits they’ve wanted — when all else fails, send in swimsuits

Capcom’s finally giving Street Fighter 6 players the outfits they’ve wanted — when all else fails, send in swimsuits

After 14 years, Monster Hunter Wilds is bringing back underwater combat alongside “Lagiacrus” and another familiar monster — the impossible has happened

OpenAI may prematurely declare AGI to cut ties with Microsoft — despite Sam Altman admitting today’s tech isn’t built for it

CVE-2025-53091 – WeGIA Time-Based Blind SQL Injection

Qilin Ransomware Attack on NHS Causes Patient Death in the UK

CVE-2025-6817 – HDF5 Resource Consumption Denial of Service

Overwatch 2 Stadium Mode — Best Moira Builds: Best items, powers, and gameplay tips

The Legal Accountability of AI-Generated Deepfakes in Election Misinformation

CVE-2025-4306 – PHPGurukul Nipah Virus Testing Management System SQL Injection

Graphite spyware used in Apple iOS zero-click attacks on journalists

Critical ANPR Camera Flaw (CVE-2025-34022, CVSS 9.3) Exposes Selea TARGA Devices, PoC Available, No Vendor Response

CVE-2025-49468 – Joomla No Boss Calendar SQL Injection Vulnerability

CVE-2025-34049 – OptiLink ONT1GEW Command Injection

This new YouTube Shorts feature lets you circle to search videos more easily

CVE-2025-53091 – WeGIA Time-Based Blind SQL Injection

Related Posts