CVE-2025-55167 Information
Aug 13, 2025
cve
Description
WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8 a SQL Injection vulnerability was identified in the /html/funcionario/dependente_remover.php endpoint specifically in the id_dependente parameter. This vulnerability allows attackers to execute arbitrary SQL commands compromising the confidentiality integrity and availability of the database. This issue has been patched in version 3.4.8.
Reference
https://github.com/LabRedesCefetRJ/WeGIA/commit/cb7f5e2b98ef6087b80659627f368612e3c535f3 https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-4fqm-ww3v-6mwv
Related CNNVD
CNNVD-202508-1159 (Published: 2025-08-12)
Share on: