Skip to content
cyberMEDIUM2026-04-17 21:16 UTC

CVE-2026-40285 - WeGIA has SQL Injection via Session Variable Override in DespachoControle.php

CVE ID :CVE-2026-40285 Published : April 17, 2026, 9:16 p.m. | 1 hour, 24 minutes ago Description :WeGIA is a web manager for charitable institutions. Versions prior to 3.6.10 contain a SQL injection vulnerability in dao/memorando/UsuarioDAO.php. The cpf_usuario POST parameter overwrites the s

ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD

Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.

GET THE SUNDAY BRIEFING →

RELATED · cyber

Editorial policy · Report a correction