CVE-2025-30365
Published: 27 March 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-30365 is a SQL injection vulnerability (CWE-89) in WeGIA, a web manager for charitable institutions, affecting versions prior to 3.2.8. The flaw exists in the endpoint /WeGIA/html/socio/sistema/controller/query_geracao_auto.php, specifically in the query parameter, whose input is not properly sanitized. This allows attackers to inject and execute arbitrary SQL commands, with a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating critical severity due to high impacts on confidentiality, integrity, and availability.
Unauthenticated remote attackers can exploit this vulnerability over the network with low attack complexity and no user interaction required. By crafting malicious payloads in the query parameter, they can execute arbitrary SQL commands against the database, enabling data exfiltration, modification, deletion, or denial-of-service conditions.
The GitHub security advisory (GHSA-ghx8-h92j-h422) confirms that upgrading to WeGIA version 3.2.8 resolves the issue by addressing the injection vulnerability in the affected endpoint.
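As an added defender-side example (not code from the advisory or from the WeGIA project), the following Python scanner flags web-server access-log lines that hit the affected endpoint with SQL metacharacters in the query parameter. The endpoint path and parameter name are taken from the advisory; the indicator list, log format handling and sample log lines are constructed assumptions for illustration.

```python
# Added detection example, not code from the advisory or from WeGIA.
# Flags access-log requests to the CVE-2025-30365 endpoint whose `query`
# parameter carries SQL metacharacters. Sample log lines are constructed.
import re
from typing import Optional
from urllib.parse import parse_qs, unquote_plus, urlsplit

# Endpoint path and parameter name as given in the advisory.
VULN_PATH = "/WeGIA/html/socio/sistema/controller/query_geracao_auto.php"
VULN_PARAM = "query"

# Request part of a Combined Log Format line: "METHOD /target HTTP/x.y" status
REQ_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"\s+(?P<status>\d{3})')

# Generic SQL-injection indicators (assumption: legitimate values of `query`
# never contain these; baseline against real traffic before alerting).
SQLI_RE = re.compile(
    r"""['"]|--|/\*|;|\bunion\b|\bselect\b|\bsleep\s*\(|\bbenchmark\s*\(""",
    re.IGNORECASE,
)

def inspect_request(line: str) -> Optional[dict]:
    """Return a finding for a suspicious hit on the vulnerable endpoint, else None."""
    m = REQ_RE.search(line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    if parts.path != VULN_PATH:  # other endpoints are out of scope for this rule
        return None
    for value in parse_qs(parts.query, keep_blank_values=True).get(VULN_PARAM, []):
        decoded = unquote_plus(value)  # second decode catches double-encoded payloads
        hit = SQLI_RE.search(decoded)
        if hit:
            return {"path": parts.path, "param": VULN_PARAM, "indicator": hit.group(0),
                    "value": decoded, "status": int(m.group("status"))}
    return None

def scan(lines):
    return [f for f in map(inspect_request, lines) if f]

# Constructed sample log lines (RFC 5737 documentation addresses).
SAMPLE_LOG = [
    # benign numeric lookup
    '203.0.113.10 - - [27/Mar/2025:10:00:01 +0000] "GET ' + VULN_PATH + '?query=12 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    # quote-and-tautology string in the `query` parameter
    '198.51.100.7 - - [27/Mar/2025:10:00:02 +0000] "GET ' + VULN_PATH + '?query=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 9031 "-" "curl/8.5.0"',
    # same indicator on an unrelated path: not flagged by this rule
    '198.51.100.7 - - [27/Mar/2025:10:00:03 +0000] "GET /WeGIA/html/index.php?q=%27 HTTP/1.1" 404 0 "-" "curl/8.5.0"',
]
```

The path comparison is exact, so requests that reach the script through path normalisation tricks or a different case on a case-insensitive filesystem are not caught; a 200 status on a flagged request is the strongest signal that the unpatched endpoint answered.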
Details
MITRE ATT&CK Enterprise Techniques
Why these techniques?
SQL injection in a public-facing web application endpoint allows unauthenticated remote exploitation, which maps directly to T1190 (Exploit Public-Facing Application).