Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.4 CVE-2025-53946

WeGIA vulnerable to SQL Injection in endpoint profile_paciente.php parameter id_fichamedica

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identifi...

LabRedesCefetRJ WeGIA < 3.4.5 CVE
CRITICAL 9.4 CVE-2025-54060

WeGIA SQL Injection (Blind Time-Based) Vulnerability in idatendido_familiares Parameter on dependente_editarInfoPessoal.php Endpoint

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identifi...

LabRedesCefetRJ WeGIA < 3.4.6 CVE
CRITICAL 9.4 CVE-2025-54058

WeGIA SQL Injection (Blind Time-Based) Vulnerability in idatendido_familiares Parameter on dependente_editarEndereco.php Endpoint

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identifi...

LabRedesCefetRJ WeGIA < 3.4.6 CVE
CRITICAL 9.4 CVE-2025-54061

WeGIA SQL Injection (Blind Time-Based) Vulnerability in idatendido_familiares Parameter on dependente_editarDoc.php Endpoint

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identifi...

LabRedesCefetRJ WeGIA < 3.4.6 CVE
CRITICAL 9.4 CVE-2025-54062

WeGIA SQL Injection (Blind Time-Based) Vulnerability in id_dependente Parameter on profile_dependente.php Endpoint

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identifi...

LabRedesCefetRJ WeGIA < 3.4.6 CVE
CRITICAL 9.6 CVE-2025-25257

CVE-2025-25257

An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiWeb version 7.6.0 t...

Fortinet FortiWeb 7.6.0 CVE
CRITICAL 9.8 CVE-2025-53867

CVE-2025-53867

Island Lake WebBatch before 2025C allows Remote Code Execution via a crafted URL.

n/a n/a n/a CVE
CRITICAL 9.8 CVE-2025-52046

CVE-2025-52046

Totolink A3300R V17.0.0cu.596_B20250515 was found to contain a command injection vulnerability in the sub_4197C0 function via the mac and desc para...

n/a n/a n/a CVE
CRITICAL 9.8 CVE-2025-50240

CVE-2025-50240

nbcio-boot v1.0.3 was discovered to contain a SQL injection vulnerability via the userIds parameter at /sys/user/deleteRecycleBin.

n/a n/a n/a CVE
CRITICAL 9.2 CVE-2025-54068

Livewire vulnerable to remote command execution during property update hydration

Livewire is a full-stack framework for Laravel. In Livewire v3 up to and including v3.6.3, a vulnerability allows unauthenticated attackers to achi...

livewire livewire >= 3.0.0-beta.1, < 3.6.4 CVE