Plattform
php
Komponente
wegia
Behoben in
3.4.4
CVE-2025-53529 describes a critical SQL Injection vulnerability discovered in WeGIA, a web manager for charitable institutions. This flaw allows an unauthenticated attacker to inject arbitrary SQL commands, potentially leading to unauthorized data access and manipulation. The vulnerability affects versions of WeGIA up to and including 3.4.3, and a patch is available in version 3.4.3.
The SQL Injection vulnerability in WeGIA's /html/funcionario/profile_funcionario.php endpoint poses a significant risk. An attacker can exploit this flaw to bypass authentication and directly manipulate the database. This could result in the exfiltration of sensitive data such as donor information, financial records, and user credentials. Furthermore, an attacker might be able to modify or delete data, disrupt operations, or even gain control of the entire system. The lack of authentication required to exploit the vulnerability amplifies the potential impact, as any external user can attempt to leverage it.
CVE-2025-53529 was publicly disclosed on 2025-07-07. As of this date, there are no known public proof-of-concept exploits available. The vulnerability's critical CVSS score (9.8) and ease of exploitation suggest a high probability of exploitation if left unpatched. It is not currently listed on the CISA KEV catalog.
Charitable institutions and organizations utilizing WeGIA for web management are at significant risk. Specifically, those running older versions (≤ 3.4.3) and those with limited security expertise or resources are particularly vulnerable. Shared hosting environments where WeGIA is installed alongside other applications may also be at increased risk due to potential cross-site contamination.
• php: Examine web server access logs for requests to /html/funcionario/profilefuncionario.php with unusual or malformed idfuncionario parameters. Look for patterns indicative of SQL injection attempts (e.g., ' OR 1=1 --).
• php: Use a code analysis tool to scan the /html/funcionario/profilefuncionario.php file for instances where the idfuncionario parameter is used directly in SQL queries without proper sanitization.
• generic web: Monitor network traffic for suspicious SQL queries originating from the WeGIA server.
• generic web: Check for unusual database activity, such as unexpected data modifications or large data exports.
disclosure
Exploit-Status
EPSS
0.26% (49% Perzentil)
CISA SSVC
CVSS-Vektor
The primary mitigation for CVE-2025-53529 is to immediately upgrade WeGIA to version 3.4.3 or later. If upgrading is not immediately feasible, consider implementing a Web Application Firewall (WAF) rule to filter malicious SQL injection attempts targeting the /html/funcionario/profilefuncionario.php endpoint, specifically focusing on the idfuncionario parameter. Input validation on the server-side, even as a temporary measure, can help prevent malicious SQL commands from being executed. After upgrading, confirm the vulnerability is resolved by attempting a SQL injection attack on the /html/funcionario/profile_funcionario.php endpoint with a known malicious payload.
Actualice WeGIA a la versión 3.4.3 o superior. Esta versión corrige la vulnerabilidad de inyección SQL. Descargue la última versión desde el sitio web oficial del proveedor o a través de los canales de actualización proporcionados.
Schwachstellenanalysen und kritische Warnungen direkt in deinen Posteingang.
CVE-2025-53529 is a critical SQL Injection vulnerability affecting WeGIA versions up to 3.4.3. It allows unauthenticated attackers to inject malicious SQL commands through the id_funcionario parameter.
You are affected if you are using WeGIA version 3.4.3 or earlier. Immediately assess your environment and apply the necessary mitigation steps.
The recommended fix is to upgrade WeGIA to version 3.4.3 or later. As a temporary workaround, implement a WAF rule to filter malicious SQL injection attempts.
As of 2025-07-07, there are no confirmed reports of active exploitation, but the vulnerability's severity and ease of exploitation suggest a high potential for future attacks.
Refer to the official WeGIA website or their security advisory page for the latest information and updates regarding CVE-2025-53529.
Lade deine Abhängigkeitsdatei hoch und erfahre sofort, ob dich diese und andere CVEs treffen.