{"vulnerability": "GHSA-RWVH-2GFH-WMCM", "sightings": [{"uuid": "0b59af66-67e2-42b5-ac63-020a9b204f06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "GHSA-RWVH-2GFH-WMCM", "type": "published-proof-of-concept", "source": "Telegram/46ceI5nsxcRHJRwxF0BC6VxuGD8BgaFNIkSgqW-NagPBDfM", "content": "", "creation_timestamp": "2025-06-19T05:01:47.000000Z"}, {"uuid": "45334d19-32cd-4977-8258-d1ce8c1f79f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "GHSA-RWVH-2GFH-WMCM", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18836", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52474\n\ud83d\udd25 CVSS Score: 8.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N)\n\ud83d\udd39 Description: WeGIA is a web manager for charitable institutions. Prior to version 3.4.2, a SQL Injection vulnerability was identified in the id parameter of the /WeGIA/controle/control.php endpoint. This vulnerability allows attacker to manipulate SQL queries and access sensitive database information, such as table names and sensitive data. This issue has been patched in version 3.4.2.\n\ud83d\udccf Published: 2025-06-19T03:40:47.301Z\n\ud83d\udccf Modified: 2025-06-19T03:40:47.301Z\n\ud83d\udd17 References:\n1. https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-rwvh-2gfh-wmcm\n2. https://github.com/LabRedesCefetRJ/WeGIA/commit/b6fbb3e21b8d71e50afe0395dca44acdd1ca2e29", "creation_timestamp": "2025-06-19T04:41:27.000000Z"}]}