CVE-2025-61605 is a critical SQL Injection vulnerability identified in the WeGIA web management platform, primarily used by charitable organizations. The vulnerability resides in the /pet/profile_pet.php endpoint, specifically within the id_pet parameter, which fails to properly neutralize special characters in SQL commands. This improper sanitization allows attackers to inject arbitrary SQL code, potentially leading to unauthorized data access, data modification, or deletion, and even full database compromise. The vulnerability requires no user interaction and can be exploited remotely over the network by attackers with low privileges, making it highly accessible. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H) reflects a network attack vector with low complexity, no authentication required, and high impact on confidentiality, integrity, and availability. Although no public exploits have been reported yet, the critical nature of the flaw and the widespread use of WeGIA in charitable sectors necessitate urgent remediation. The vendor has addressed the issue in version 3.5.0, which includes proper input validation and parameterized queries to prevent SQL injection. Organizations running affected versions should prioritize upgrading and consider additional protective measures such as web application firewalls and database activity monitoring to detect and block exploitation attempts.

For European organizations, especially those in the charitable and non-profit sectors using WeGIA, this vulnerability poses a significant risk. Successful exploitation can lead to unauthorized disclosure of sensitive donor and beneficiary data, manipulation or deletion of records, and disruption of service availability. Such impacts can damage organizational reputation, lead to regulatory penalties under GDPR due to data breaches, and impair operational capabilities. The critical severity and ease of exploitation mean attackers could rapidly compromise systems without needing user interaction or elevated privileges. This threat is particularly concerning for organizations handling sensitive personal data or financial information. Additionally, the potential for data integrity compromise could undermine trust in these institutions. The lack of known exploits in the wild currently provides a small window for proactive defense, but the risk of imminent exploitation attempts remains high.

1. Immediately upgrade all WeGIA installations to version 3.5.0 or later, which contains the fix for this SQL Injection vulnerability. 2. Implement web application firewalls (WAFs) with specific rules to detect and block SQL injection attempts targeting the /pet/profile_pet.php endpoint and the id_pet parameter. 3. Conduct thorough code reviews and penetration testing on custom or integrated modules interacting with the database to identify any residual injection points. 4. Employ database activity monitoring tools to detect anomalous queries indicative of injection attacks. 5. Enforce least privilege principles on database accounts used by WeGIA, limiting permissions to only necessary operations. 6. Regularly audit logs for suspicious activity related to SQL queries and access patterns. 7. Educate IT and security teams about the vulnerability and ensure rapid incident response capabilities are in place. 8. Consider network segmentation to isolate critical databases and limit exposure. 9. Maintain up-to-date backups to enable recovery in case of data corruption or deletion.