Описание
WeGIA is a Web manager for charitable institutions. A SQL Injection vulnerability was discovered in the WeGIA application prior to version 3.2.15 at the adicionar_tipo_exame.php endpoint. This vulnerability allows an authorized attacker to execute arbitrary SQL queries, allowing access to sensitive information. Version 3.2.15 contains a patch for the issue.
Уязвимые конфигурации
Конфигурация 1Версия до 3.2.15 (исключая)
cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*:*
EPSS
Процентиль: 65%
0.00495
Низкий
8.8 High
CVSS3
Дефекты
CWE-89
EPSS
Процентиль: 65%
0.00495
Низкий
8.8 High
CVSS3
Дефекты
CWE-89