CVE-2025-54079: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in LabRedesCefetRJ WeGIA

Severity: Critical
Tags: vulnerability, CVE-2025-54079, CWE-89
Published: Fri Jul 18 2025 (07/18/2025, 15:56:58 UTC)
Source: CVE Database V5
Vendor/Project: LabRedesCefetRJ
Product: WeGIA

Description

WeGIA is an open source web manager with a focus on the Portuguese language and charitable institutions. A SQL Injection vulnerability was identified in versions prior to 3.4.6 in the endpoint `/html/atendido/Profile_Atendido.php`, in the `idatendido` parameter. This vulnerability allows an authorized attacker to execute arbitrary SQL queries, giving access to sensitive information. Version 3.4.6 fixes the issue.

AI-Powered Analysis

Last updated: 07/18/2025, 16:16:44 UTC

Technical Analysis

CVE-2025-54079 is a critical SQL Injection vulnerability identified in the open-source web management software WeGIA, developed by LabRedesCefetRJ. WeGIA is designed primarily for Portuguese-speaking charitable institutions, providing web-based management functionalities. The vulnerability exists in versions prior to 3.4.6 within the endpoint `/html/atendido/Profile_Atendido.php`, specifically in the `idatendido` parameter. This parameter is improperly sanitized, allowing an authorized attacker to inject malicious SQL commands. Exploitation of this flaw enables attackers to execute arbitrary SQL queries on the backend database, potentially leading to unauthorized access to sensitive information, data manipulation, or disruption of service. The CVSS 4.0 base score of 9.4 reflects the critical nature of this vulnerability, highlighting its network attack vector, low attack complexity, no required user interaction, and the fact that only low privileges are needed to exploit it. The vulnerability impacts confidentiality, integrity, and availability at a high level, with a wide scope affecting all instances of WeGIA versions below 3.4.6. The issue has been addressed in version 3.4.6, which includes proper input validation and sanitization to neutralize special SQL elements in the `idatendido` parameter, mitigating the risk of injection attacks. No known exploits are reported in the wild as of the publication date, but the critical severity and ease of exploitation make it a high-priority patch for affected users.

Potential Impact

For European organizations using WeGIA, particularly charitable institutions or NGOs operating in Portuguese or serving Portuguese-speaking communities, this vulnerability poses a significant risk. Exploitation could lead to unauthorized disclosure of sensitive personal or organizational data, undermining privacy compliance obligations such as GDPR. Data integrity could be compromised, potentially affecting operational reliability and trustworthiness of the institution. Availability impacts could arise if attackers execute destructive SQL commands, leading to service outages or data loss. Given the critical CVSS score and the low privileges required for exploitation, attackers could leverage this vulnerability to escalate access or pivot within the network. The impact is especially concerning for organizations handling donor information, beneficiary data, or financial records, where confidentiality and integrity are paramount.

Mitigation Recommendations

Organizations should immediately upgrade all WeGIA instances to version 3.4.6 or later to apply the official patch that fixes the SQL Injection vulnerability. Until the upgrade is completed, it is advisable to implement Web Application Firewall (WAF) rules specifically targeting SQL Injection patterns on the vulnerable endpoint and parameter (`idatendido`). Conduct thorough input validation and sanitization at the application level as an additional safeguard. Restrict access to the vulnerable endpoint to authorized users only and monitor logs for suspicious query patterns indicative of injection attempts. Regularly audit database permissions to ensure least privilege principles are enforced, limiting the potential damage from any successful injection. Additionally, organizations should perform vulnerability scanning and penetration testing focused on SQL Injection to verify the effectiveness of mitigations and detect any residual risks.
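As an added illustration of the application-level safeguard recommended above (example code, not WeGIA's own), the injectable pattern for an integer id parameter such as `idatendido` is shown beside its hardened form. The `atendido` table and its columns are hypothetical, and an in-memory SQLite database stands in for the real backend so the script runs offline.

```php
<?php
declare(strict_types=1);

// Added example, not WeGIA's code. Table/column names are hypothetical and an
// in-memory SQLite database stands in for the application backend.
function buildDb(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE atendido (idatendido INTEGER PRIMARY KEY, nome TEXT, cpf TEXT)');
    // Constructed sample rows standing in for beneficiary records.
    $pdo->exec("INSERT INTO atendido VALUES (1, 'Ana', '000.000.000-01'), (2, 'Bruno', '000.000.000-02')");
    return $pdo;
}

// Injectable pattern (CWE-89): the raw request value becomes part of the SQL
// text, so whatever the client sends is parsed by the database as query syntax.
function profileVulnerable(PDO $pdo, string $idatendido): array
{
    $sql = "SELECT idatendido, nome FROM atendido WHERE idatendido = $idatendido";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened pattern: validate the type first (a profile id is a positive
// integer), then bind it as a typed parameter so it can only ever be data.
function profileHardened(PDO $pdo, string $idatendido): array
{
    $id = filter_var($idatendido, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        // Reject before any query runs; worth logging as a tampering indicator.
        error_log("rejected malformed idatendido: " . bin2hex($idatendido));
        return [];
    }
    $stmt = $pdo->prepare('SELECT idatendido, nome FROM atendido WHERE idatendido = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

$pdo = buildDb();
$tampered = '1 OR 1=1'; // constructed: an id followed by extra SQL
// With the injectable query the trailing OR becomes part of the predicate;
// the hardened handler refuses the value because it is not an integer.
printf("vulnerable: %d row(s)\n", count(profileVulnerable($pdo, $tampered)));
printf("hardened:   %d row(s)\n", count(profileHardened($pdo, $tampered)));
printf("hardened:   %d row(s) for a valid id\n", count(profileHardened($pdo, '1')));
```

The rejected-input branch is also the natural hook for the log monitoring recommended above: a malformed `idatendido` on an authenticated profile endpoint is a concrete, low-noise signal of tampering.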

Technical Details

Data Version: 5.1
Assigner Short Name: GitHub_M
Date Reserved: 2025-07-16T13:22:18.206Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 687a6fc6a83201eaacf4f8a3

Added to database: 7/18/2025, 4:01:10 PM

Last enriched: 7/18/2025, 4:16:44 PM

Last updated: 8/30/2025, 6:23:01 PM
