CVE-2026-31895

by Fred · 11/03/2026

WeGIA is a web manager for charitable institutions. Prior to version 3.6.6, WeGIA (Web gerenciador para instituições assistenciais) contains a SQL injection vulnerability in html/matPat/restaurar_produto.php. The id_produto parameter from $_GET is directly interpolated into SQL queries without parameterization or sanitization. This vulnerability is fixed in 3.6.6.

More information : https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-m39r-p62f-vmqm

CVE-2026-31895

Similar

Recent Posts

Categories

CVE-2026-31895

Share this:

Similar

Recent Posts

Categories

Tags