CVE-2025-55168 Information

Aug 13, 2025 cve

Description

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. Prior to version 3.4.8 a SQL Injection vulnerability was identified in the /html/saude/aplicar_medicamento.php endpoint specifically in the id_fichamedica parameter. This vulnerability allows attackers to execute arbitrary SQL commands compromising the confidentiality integrity and availability of the database. This issue has been patched in version 3.4.8.

Reference

https://github.com/LabRedesCefetRJ/WeGIA/commit/766f9f07ff6faee394e0f85d0650f86f8a9248a7https://github.com/LabRedesCefetRJ/WeGIA/commit/766f9f07ff6faee394e0f85d0650f86f8a9248a7 https://github.com/LabRedesCefetRJ/WeGIA/issues/245 https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-6wjm-c879-pjf6

CNNVD-202508-1266 (Published: 2025-08-12)

Share on:

CVE-2025-55168 Information

Description

Reference

Related CNNVD