
CVE-2025-53091: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in LabRedesCefetRJ WeGIA

Severity: Critical
Tags: Vulnerability, CVE-2025-53091, CWE-89
Published: Fri Jun 27 2025 (06/27/2025, 15:08:34 UTC)
Source: CVE Database V5
Vendor/Project: LabRedesCefetRJ
Product: WeGIA

Description

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A time-based blind SQL injection vulnerability was discovered in version 3.3.3 in the `almox` parameter of the `/controle/getProdutosPorAlmox.php` endpoint. This issue allows any unauthenticated attacker to inject arbitrary SQL queries, potentially leading to unauthorized data access or further exploitation depending on database configuration. Version 3.4.0 fixes the issue.

AI-Powered Analysis

Last updated: 06/27/2025, 15:39:29 UTC

Technical Analysis

CVE-2025-53091 is a critical SQL injection vulnerability in version 3.3.3 of WeGIA, an open-source web management platform aimed at Portuguese-speaking users and charitable institutions. The flaw is in the 'almox' parameter of the '/controle/getProdutosPorAlmox.php' endpoint: the request value is incorporated into an SQL statement without neutralization (CWE-89). The injection is time-based blind, meaning the application returns neither error text nor query output that reveals the result; an attacker instead injects a conditional delay and infers one true/false answer per request from how long the response takes. Extraction is slow per bit but fully automatable, and the endpoint requires neither authentication nor user interaction, so any remote attacker can exploit it. Successful exploitation gives read access to data in the backend database, including whatever confidential records a charitable organization keeps in WeGIA. Depending on the database user's privileges and the server configuration, it may also allow data modification or deletion, or serve as a step toward code execution when chained with other weaknesses. WeGIA version 3.4.0 fixes the issue. The CVSS 4.0 base score is 10.0 (critical), reflecting high impact on confidentiality, integrity and availability combined with remote, unauthenticated exploitation that needs no user interaction.
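The pattern behind a time-based blind injection, shown as an added example that is not WeGIA's code and not taken from the advisory: a "products by warehouse" lookup reconstructed from the CVE text, with the vulnerable string-spliced query beside its parameterized fix and the timing oracle an attacker drives. The table and column names, the in-memory SQLite database and the Python SLEEP() stand-in (SQLite has no SLEEP(); a server-side database would supply its own) are all assumptions made for the demonstration.

```python
"""Time-based blind SQL injection in an 'almox' lookup: vulnerable query
beside its parameterized fix, plus the timing oracle an attacker uses.

Added example; this is not WeGIA's code. The query is a generic
"products by warehouse" lookup reconstructed from the CVE text, run on an
in-memory SQLite database whose table and column names are assumptions.
SQLite has no SLEEP(), so a Python function is registered under that name
to stand in for the SLEEP() of a server-side database.
"""
import sqlite3
import time

DELAY = 0.2  # seconds an injected SLEEP(DELAY) stalls the query


def _sleep(seconds):
    """Stand-in for a database SLEEP(): block, then return 0."""
    time.sleep(float(seconds))
    return 0


def make_db():
    """Constructed sample data: three products across two warehouses."""
    conn = sqlite3.connect(":memory:")
    conn.create_function("SLEEP", 1, _sleep)
    conn.executescript("""
        CREATE TABLE produto (id INTEGER PRIMARY KEY, nome TEXT, id_almox INTEGER);
        INSERT INTO produto VALUES (1, 'arroz', 1), (2, 'feijao', 1), (3, 'sabao', 2);
    """)
    return conn


def produtos_por_almox_vulneravel(conn, almox):
    """The bug class: the request value is spliced into the SQL text, so
    anything after the number is parsed and executed as SQL."""
    sql = "SELECT id, nome FROM produto WHERE id_almox = " + str(almox)
    return conn.execute(sql).fetchall()


def produtos_por_almox_seguro(conn, almox):
    """The fix: validate the type, then bind the value as a parameter.
    The SQL text is constant, so the value can never alter its structure."""
    try:
        almox_id = int(almox)
    except (TypeError, ValueError):
        raise ValueError("almox must be an integer id")
    sql = "SELECT id, nome FROM produto WHERE id_almox = ?"
    return conn.execute(sql, (almox_id,)).fetchall()


def infer_bit(conn, condition_sql, lookup=produtos_por_almox_vulneravel):
    """One step of a time-based blind attack: ask the database a yes/no
    question and read the answer from the response time. CASE is used
    rather than a bare AND so the delay fires only when the condition is
    true, whatever evaluation order the query planner chooses."""
    payload = f"1 AND CASE WHEN ({condition_sql}) THEN SLEEP({DELAY}) ELSE 0 END"
    start = time.perf_counter()
    lookup(conn, payload)  # no rows come back either way; only the timing differs
    elapsed = time.perf_counter() - start
    return elapsed >= DELAY * 0.8  # threshold just under DELAY absorbs jitter


def demo():
    """Returns (rows for a normal request, inferred answers, fix rejected payload)."""
    conn = make_db()
    normal = produtos_por_almox_vulneravel(conn, 1)
    # Each call answers one question about the database although no query
    # output ever reaches the client.
    answers = {
        "count is 3": infer_bit(conn, "(SELECT COUNT(*) FROM produto) = 3"),
        "count is 4": infer_bit(conn, "(SELECT COUNT(*) FROM produto) = 4"),
        "a name starts with s": infer_bit(
            conn, "EXISTS (SELECT 1 FROM produto WHERE nome LIKE 's%')"),
    }
    try:
        produtos_por_almox_seguro(conn, "1 AND SLEEP(5)")
        rejected = False
    except ValueError:
        rejected = True
    return normal, answers, rejected


if __name__ == "__main__":
    print(demo())
```

Two details matter in practice. The payload is anchored on an existing warehouse id (`1 AND ...`): the WHERE clause is evaluated per candidate row, so a conditional delay attached to an id that matches no rows never fires, which is why blind payloads are built against known-good values or with OR. And the fix is the bound parameter, not the `int()` check alone; the type check simply turns a malformed request into a clean error instead of a query against a coerced value.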

Potential Impact

For European organizations, especially charitable institutions and non-profits using WeGIA or similar localized management platforms, this vulnerability poses a significant risk. Exploitation could lead to unauthorized disclosure of donor information, financial records, and internal operational data, potentially violating GDPR and other data protection regulations. The compromise of such data could damage organizational reputation, lead to legal penalties, and disrupt critical services. Additionally, attackers could leverage this vulnerability as a foothold for further network intrusion or ransomware deployment. Since WeGIA focuses on Portuguese language users, European organizations in Portugal and Lusophone communities are particularly at risk. The critical severity and unauthenticated remote exploitability mean that attackers can rapidly compromise vulnerable systems at scale if patches are not applied promptly.

Mitigation Recommendations

1. Upgrade to WeGIA version 3.4.0 or later, which contains the fix for this SQL injection.
2. Until the upgrade is in place, deploy a Web Application Firewall rule that blocks requests to '/controle/getProdutosPorAlmox.php' whose 'almox' value is not a plain integer, or that carry time-delay functions such as SLEEP(). Treat this as a compensating control only: WAF signatures can be evaded, and the real fix is the patched code.
3. Review any local customizations or integrations that build SQL from request parameters for the same pattern, and use prepared statements with bound parameters throughout.
4. Run the application's database account with the least privileges it needs (access to its own schema only, no administrative or file-system privileges) so that a successful injection cannot reach other databases or escalate further.
5. Monitor web server and database logs for requests to this endpoint with non-numeric 'almox' values, SQL keywords in the query string, or response times far above the endpoint's normal baseline; a burst of uniformly slow responses from one client is the signature of time-based blind injection.
6. Brief IT and security teams on this vulnerability and confirm that incident response plans cover a database compromise.
7. If an upgrade is not immediately possible, restrict access to the vulnerable endpoint (for example to authenticated or internal clients) or disable it until the patch can be applied.
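Detection logic for the monitoring step above, as an added example rather than anything from WeGIA or this advisory: it scans web server access log lines for requests to the vulnerable endpoint and flags the three signals of a time-based blind attempt (a non-integer 'almox' value, a delay primitive in the parameter, and a response far slower than the endpoint's baseline). The log format (Apache combined with the request duration in microseconds appended via %D), the 2-second baseline and the sample lines are all assumptions constructed for the demonstration.

```python
"""Flag time-based blind SQL injection attempts against the vulnerable
endpoint in web server access logs.

Added example, not part of WeGIA or the advisory. Log lines are assumed to
be in Apache combined format with the request duration in microseconds
appended (Apache's %D); the sample lines below are constructed.
"""
import re
from urllib.parse import parse_qs, urlsplit

ENDPOINT = "/controle/getProdutosPorAlmox.php"
SLOW_SECONDS = 2.0  # assumed baseline: a product lookup should finish far faster

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" '
    r'(?P<status>\d{3}) (?P<bytes>\S+) (?P<usec>\d+)$'
)
# Delay primitives used by time-based payloads across common databases.
DELAY_RE = re.compile(r"\b(sleep|benchmark|waitfor|pg_sleep)\b", re.IGNORECASE)

# Constructed sample log: one normal lookup, one SLEEP() payload, one slow
# but well-formed lookup, and one request to an unrelated page.
SAMPLE_LOG = """\
10.0.0.5 - - [27/Jun/2025:15:10:01 +0000] "GET /controle/getProdutosPorAlmox.php?almox=1 HTTP/1.1" 200 512 45000
10.0.0.9 - - [27/Jun/2025:15:10:02 +0000] "GET /controle/getProdutosPorAlmox.php?almox=1%20AND%20SLEEP(5) HTTP/1.1" 200 12 5012000
10.0.0.5 - - [27/Jun/2025:15:10:03 +0000] "GET /controle/getProdutosPorAlmox.php?almox=2 HTTP/1.1" 200 498 3100000
10.0.0.7 - - [27/Jun/2025:15:10:05 +0000] "GET /index.php HTTP/1.1" 200 2048 30000
"""


def analyse_line(line, slow_seconds=SLOW_SECONDS):
    """Return a finding dict for a suspicious request to ENDPOINT, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    url = urlsplit(m["target"])
    if url.path != ENDPOINT:
        return None
    # parse_qs percent-decodes, so encoded payloads are inspected in clear.
    almox = parse_qs(url.query, keep_blank_values=True).get("almox", [""])[0]
    seconds = int(m["usec"]) / 1_000_000
    reasons = []
    if not re.fullmatch(r"[0-9]+", almox):
        reasons.append("almox is not a plain integer id")
    if DELAY_RE.search(almox):
        reasons.append("delay primitive in almox")
    if seconds >= slow_seconds:
        reasons.append(f"slow response ({seconds:.2f}s)")
    if not reasons:
        return None
    return {"ip": m["ip"], "time": m["ts"], "almox": almox,
            "seconds": seconds, "reasons": reasons}


def detect(log_text):
    """Scan a whole log and return findings in log order."""
    return [f for f in (analyse_line(line) for line in log_text.splitlines()) if f]


if __name__ == "__main__":
    for finding in detect(SAMPLE_LOG):
        print(finding)
```

The keyword match is the weakest of the three signals, since payloads can be encoded or use database-specific delay functions not in the list; the non-integer check and the timing outlier are harder to hide, and a run of slow responses from a single client against this endpoint is what to alert on. In production, widen the path filter to every endpoint that takes an integer id rather than scoping it to the one named in the CVE.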


Technical Details

Data Version
5.1
Assigner Short Name
GitHub_M
Date Reserved
2025-06-25T13:41:23.085Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 685eb7aa6f40f0eb726448be

Added to database: 6/27/2025, 3:24:26 PM

Last enriched: 6/27/2025, 3:39:29 PM

Last updated: 6/29/2025, 4:02:48 AM

