{"vulnerability": "cve-2025-23219", "sightings": [{"uuid": "ccfb2340-4096-43e4-a95c-9d944d6382c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23219", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113861471504281674", "content": "", "creation_timestamp": "2025-01-20T15:49:36.589046Z"}, {"uuid": "995f86ad-5a14-45ff-bc37-8673684886d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23219", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lg6qdtjwq72c", "content": "", "creation_timestamp": "2025-01-20T16:16:02.538758Z"}, {"uuid": "b1e4266c-7170-4d2c-a956-5fc87e60058e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23219", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lg6sih45wi2i", "content": "", "creation_timestamp": "2025-01-20T16:54:28.454134Z"}, {"uuid": "581bed02-a507-4c81-9be2-3d907b56ac1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23219", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113867128581650447", "content": "", "creation_timestamp": "2025-01-21T15:48:17.870201Z"}, {"uuid": "53f08bbb-2f76-428b-bca6-140f47b7a892", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23219", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lgb7cylnhg2z", "content": "", "creation_timestamp": "2025-01-21T15:49:19.906784Z"}, {"uuid": "c376f10c-037a-4c4a-9ef7-c316a778ba38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23219", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2364", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23219\n\ud83d\udd39 Description: WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the WeGIA application, specifically in the adicionar_cor.php endpoint. This vulnerability allows attackers to execute arbitrary SQL commands in the database, allowing unauthorized access to sensitive information. During the exploit, it was possible to perform a complete dump of the application's database, highlighting the severity of the flaw. This vulnerability is fixed in 3.2.10.\n\ud83d\udccf Published: 2025-01-20T15:47:39.681Z\n\ud83d\udccf Modified: 2025-01-20T15:47:39.681Z\n\ud83d\udd17 References:\n1. https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-h2mg-4c7q-w69v\n2. https://github.com/LabRedesCefetRJ/WeGIA/commit/ae9c859006143bd0087b3e6e48a0677e1fff5c7e", "creation_timestamp": "2025-01-20T16:01:43.000000Z"}, {"uuid": "93960369-c9f9-48d0-9d3b-b9044e1cdf9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-23219", "type": "seen", "source": "https://t.me/cvedetector/15893", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23219 - WeGIA SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2025-23219 \nPublished : Jan. 20, 2025, 4:15 p.m. | 43\u00a0minutes ago \nDescription : WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in the WeGIA application, specifically in the adicionar_cor.php endpoint. This vulnerability allows attackers to execute arbitrary SQL commands in the database, allowing unauthorized access to sensitive information. During the exploit, it was possible to perform a complete dump of the application's database, highlighting the severity of the flaw. This vulnerability is fixed in 3.2.10. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-20T18:23:17.000000Z"}]}