CVE & Vulnerability

CVE-2025-22133 - WeGIA File Upload Vulnerability (Remote Code Execution)

CVE ID : CVE-2025-22133 Published : Jan. 7, 2025, 10:15 p.m. | 1 hour, 29 minutes ago Description : WeGIA is a web manager for charitable institutions. Prior to 3.2.8, a critical vulnerability was identified in the /WeGIA/html/socio/sistema/controller/controla_xlsx.php endpoint. The endpoint accepts file uploads without proper validation, allowing the upload of malicious files, such as .phar, which can then be executed by the server. This vulnerability is fixed in 3.2.8. Severity: 9.9 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

AutorAutor
Jan 8, 2025 - 00:45
 0  0
CVE-2025-22133 - WeGIA File Upload Vulnerability (Remote Code Execution)
CVE ID : CVE-2025-22133
Published : Jan. 7, 2025, 10:15 p.m. | 1 hour, 29 minutes ago
Description : WeGIA is a web manager for charitable institutions. Prior to 3.2.8, a critical vulnerability was identified in the /WeGIA/html/socio/sistema/controller/controla_xlsx.php endpoint. The endpoint accepts file uploads without proper validation, allowing the upload of malicious files, such as .phar, which can then be executed by the server. This vulnerability is fixed in 3.2.8.
Severity: 9.9 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Read More

Tags:

Vorheriger Artikel

CVE-2025-22132 - WeGIA Charitable Institutions XSS File Upload Vulnerability

Nächster Artikel

CVE-2024-10541 - Apache X509 Certificate Parsing Remote Code Execution

Autor
Autor

Verwandte Beiträge

CVE-2024-47410 - Adobe Animate Stack-based Buffer Overflow Vulnerability

CVE-2024-47410 - Adobe Animate Stack-based Buffer Overf...

Autor Okt 9, 2024  0  3

CVE-2023-52897 - btrfs GOOS BUG

CVE-2023-52897 - btrfs GOOS BUG

Autor Aug 21, 2024  0  2

CVE-2024-44838 - RapidCMS SQL Injection Vector

CVE-2024-44838 - RapidCMS SQL Injection Vector

Autor Sep 7, 2024  0  1