
CVE-2025-46828: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in LabRedesCefetRJ WeGIA

Critical
Tags: Vulnerability, CVE-2025-46828, CWE-89
Published: Wed May 07 2025 (05/07/2025, 17:34:52 UTC)
Source: CVE
Vendor/Project: LabRedesCefetRJ
Product: WeGIA

Description

WeGIA is a web manager for charitable institutions. An unauthenticated SQL Injection vulnerability was identified in versions up to and including 3.3.0 in the endpoint `/html/socio/sistema/get_socios.php`, specifically in the query parameter. This issue allows attackers to inject and execute arbitrary SQL statements against the application's underlying database. As a result, it may lead to data exfiltration, authentication bypass, or complete database compromise. Version 3.3.1 fixes the issue.

AI-Powered Analysis

AI analysis last updated: 07/05/2025, 09:55:10 UTC

Technical Analysis

CVE-2025-46828 is a critical SQL Injection vulnerability (CWE-89) found in WeGIA, a web management application designed for charitable institutions developed by LabRedesCefetRJ. The vulnerability affects all versions up to and including 3.3.0 and is located in the endpoint `/html/socio/sistema/get_socios.php`. Specifically, the flaw exists in the handling of a query parameter where user input is improperly neutralized, allowing unauthenticated attackers to inject arbitrary SQL commands directly into the database query. This lack of input sanitization enables attackers to manipulate the backend database, potentially leading to severe consequences such as unauthorized data disclosure, authentication bypass, and full database compromise. The vulnerability is remotely exploitable without any authentication or user interaction, making it highly dangerous. The vendor has addressed this issue in version 3.3.1. The CVSS 4.0 base score is 10.0, reflecting the maximum severity due to the vulnerability's ease of exploitation, broad impact on confidentiality, integrity, and availability, and the absence of any required privileges or user interaction.

Potential Impact

For European organizations, especially charitable institutions or NGOs using WeGIA for managing their operations, this vulnerability poses a significant risk. Exploitation could lead to unauthorized access to sensitive donor information, financial records, and personal data of beneficiaries, potentially violating GDPR and other data protection regulations. The compromise of authentication mechanisms could allow attackers to assume administrative control, leading to data manipulation or destruction, disrupting organizational operations and trust. Additionally, the complete database compromise could facilitate further lateral movement within the organization's network or enable ransomware deployment. The reputational damage and legal consequences resulting from data breaches could be substantial, particularly given the sensitive nature of charitable organizations' data and their reliance on public trust and funding.

Mitigation Recommendations

European organizations using WeGIA should immediately upgrade to version 3.3.1 or later, where the vulnerability is patched. Until the upgrade is applied, organizations should implement web application firewalls (WAFs) with specific rules to detect and block SQL injection attempts targeting the vulnerable endpoint. Conduct thorough input validation and sanitization on all user-supplied data, employing parameterized queries or prepared statements in any custom integrations or extensions. Regularly audit and monitor database access logs for unusual queries or access patterns indicative of exploitation attempts. Additionally, organizations should review and tighten database user privileges to follow the principle of least privilege, limiting the potential damage of a successful injection. Implement network segmentation to isolate critical database servers from public-facing web servers. Finally, ensure that incident response plans are updated to address potential exploitation scenarios of this vulnerability.
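The mitigation above calls for parameterized queries or prepared statements in place of string-built SQL. The following PHP is an added illustration written for this page, not WeGIA's own code: it assumes a `socio` table with `id_socio`, `nome` and `cpf` columns, a request parameter named `query`, and MySQL via PDO, and it shows the concatenation pattern that produces CWE-89 next to the bound-parameter form that removes it.

```php
<?php
// Added example, not WeGIA's code. Table/column names (socio, id_socio, nome, cpf),
// the `query` parameter name and the DSN/credentials are assumptions.

// Shared connection. ERRMODE_EXCEPTION surfaces failed statements instead of
// silently returning false; EMULATE_PREPARES=false makes PDO use real server-side
// prepared statements, so bound values never become part of the SQL text.
function connect(): PDO {
    $pdo = new PDO(
        'mysql:host=localhost;dbname=wegia_example;charset=utf8mb4',
        'wegia_app',
        'change-me'   // placeholder credential
    );
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
    return $pdo;
}

// VULNERABLE pattern (CWE-89), shown for contrast: the request parameter is
// concatenated into the statement, so client-controlled text is parsed as SQL.
function get_socios_vulnerable(PDO $pdo, string $query): array {
    $sql = "SELECT id_socio, nome, cpf FROM socio WHERE nome LIKE '%" . $query . "%'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// HARDENED form: the value is bound to a placeholder and is always treated as data.
function get_socios_safe(PDO $pdo, string $query, int $limit = 50): array {
    $stmt = $pdo->prepare(
        'SELECT id_socio, nome, cpf FROM socio WHERE nome LIKE :pattern LIMIT :limit'
    );
    // Escape LIKE wildcards in the user's text so a search for "%" does not
    // match every row (MySQL's default ESCAPE character is the backslash).
    $pattern = '%' . addcslashes($query, '%_\\') . '%';
    $stmt->bindValue(':pattern', $pattern, PDO::PARAM_STR);
    $stmt->bindValue(':limit', $limit, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Request handling. The advisory notes the endpoint was reachable without
// authentication, so the handler also requires a logged-in session and
// bounds the input length before touching the database.
session_start();
if (empty($_SESSION['user_id'])) {
    http_response_code(401);
    exit;
}
$query = isset($_GET['query']) ? (string) $_GET['query'] : '';
if (mb_strlen($query) > 100) {
    http_response_code(400);
    exit;
}
header('Content-Type: application/json; charset=utf-8');
echo json_encode(get_socios_safe(connect(), $query));
```

The key difference is that `get_socios_safe` never builds statement text from the request: the SQL is fixed at `prepare()` time and the search term travels separately as a bound value, which is what "improper neutralization" in CWE-89 fails to guarantee. The same pattern applies to any custom integration or extension that reads request data into a query.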


Technical Details

Data Version: 5.1
Assigner Short Name: GitHub_M
Date Reserved: 2025-04-30T19:41:58.135Z
CISA Enriched: true
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 682d9819c4522896dcbd8e0f

Added to database: 5/21/2025, 9:08:41 AM

Last enriched: 7/5/2025, 9:55:10 AM

Last updated: 8/16/2025, 1:19:49 PM
