CVE-2025-57761

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-57761
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-57761.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-57761
Aliases
  • GHSA-fxwc-r5m4-hj62
Published
2025-08-21T16:40:16.191Z
Modified
2026-04-10T05:32:42.033004Z
Severity
  • 9.4 (Critical) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H CVSS Calculator
Summary
WeGIA SQL Injection vulnerability via 'id_funcionario' param at endpoint `/html/funcionario/dependente_remover.php`
Details

WeGIA is a Web manager for charitable institutions. Prior to 3.4.10, there is a SQL Injection vulnerability in the /html/funcionario/dependenteremover.php endpoint, specifically in the idfuncionario parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the confidentiality, integrity, and availability of the database. This vulnerability is fixed in 3.4.10.

Database specific 
{
    "cwe_ids": [
        "CWE-89"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/57xxx/CVE-2025-57761.json",
    "cna_assigner": "GitHub_M"
}
References

Affected packages

Git / github.com/labredescefetrj/wegia

Affected ranges

Type
GIT
Repo
http://github.com/labredescefetrj/wegia
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
6598f44f844d15e77af4e6049d0792e8bd13b622
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "3.4.10"
        }
    ]
}

Affected versions

0.*
0.9.4-beta
3.*
3.3.0
3.3.1
3.3.2
3.3.3
3.4.0
3.4.1
3.4.2
3.4.3
3.4.4
3.4.5
3.4.6
3.4.7
3.4.8
3.4.9
v1.*
v1.0
v2.*
v2.0
v2.0-beta
v3.*
v3.1
v3.2.0
v3.2.10
v3.2.11
v3.2.12
v3.2.13
v3.2.14
v3.2.15
v3.2.16
v3.2.17
v3.2.6
v3.2.7
v3.2.8
v3.2.9

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-57761.json"

Git / github.com/labredescefetrj/wegia

Affected ranges

Type
GIT
Repo
https://github.com/labredescefetrj/wegia
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
6598f44f844d15e77af4e6049d0792e8bd13b622
Fixed
baec5c70620b05a09b130a94db8216e3bfe7e4ce
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "3.4.10"
        }
    ]
}

Affected versions

0.*
0.9.4-beta
3.*
3.3.0
3.3.1
3.3.2
3.3.3
3.4.0
3.4.1
3.4.2
3.4.3
3.4.4
3.4.5
3.4.6
3.4.7
3.4.8
3.4.9
v1.*
v1.0
v2.*
v2.0
v2.0-beta
v3.*
v3.1
v3.2.0
v3.2.10
v3.2.11
v3.2.12
v3.2.13
v3.2.14
v3.2.15
v3.2.16
v3.2.17
v3.2.6
v3.2.7
v3.2.8
v3.2.9

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-57761.json"