7.2
WeGIA Web Manager: Malicious File Upload Exploit
CVE-2026-28409
Summary
An attacker can upload a malicious file to WeGIA's database restoration feature, allowing them to execute commands on the server. This affects WeGIA web managers before version 3.6.5. To fix this, update to version 3.6.5 or later.
What to do
Update to version 3.6.5 or later, which fixes the issue.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| wegia | wegia | <= 3.6.5 | – |
Original title
WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, a critical Remote Code Execution (RCE) vulnerability exists in the WeGIA application's database restoration functionality...
Original description
WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, a critical Remote Code Execution (RCE) vulnerability exists in the WeGIA application's database restoration functionality. An attacker with administrative access (which can be obtained via the previously reported Authentication Bypass) can execute arbitrary OS commands on the server by uploading a backup file with a specifically crafted filename. Version 3.6.5 fixes the issue.
nvd CVSS3.1
7.2
Vulnerability type
CWE-78
OS Command Injection
- https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-5m5g-q2vv-rv3r (Exploit, Vendor Advisory)
Published: 27 Feb 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026