CNNVD-202506-2569 Information

CNNVD ID

CNNVD-202506-2569

Related CVE

CVE-2025-52474

• CNNVD Published: 2025-06-19

Description (Chinese)

WeGIA是Nilson Lazarin个人开发者的一个福利机构的网络管理器。 WeGIA 3.4.2之前版本存在SQL注入漏洞，该漏洞源于/WeGIA/controle/control.php端点中的id参数存在SQL注入问题。

Description (English)

WeGIA is the network manager of a welfare institution of the Nelson Lazarin personal developer. The previous version of WeGIA 3.4.2 had an injection loophole in SQL, which originated from the id parameter in /WeGIA/control/control.php endpoint.

Hazard Level

High

Vulnerability Type

SQL注入

Affected Vendor

Live Support

Published

2025-06-19

Last Modified

2026-02-24

References

https://github.com/LabRedesCefetRJ/WeGIA/commit/b6fbb3e21b8d71e50afe0395dca44acdd1ca2e29 https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-rwvh-2gfh-wmcm

Patch

https://github.com/LabRedesCefetRJ/WeGIA/releases