CNNVD-202506-3313 Information

CNNVD ID

CNNVD-202506-3313

Related CVE

CVE-2025-6695

• CNNVD Published: 2025-06-26

Description (Chinese)

WeGIA是Nilson Lazarin个人开发者的一个福利机构的网络管理器。 WeGIA 3.4.0版本存在代码注入漏洞，该漏洞源于对文件/html/matPat/adicionar_categoria.php中参数Insira a nova categoria的错误操作，导致跨站脚本攻击。

Description (English)

WeGIA is the network manager of a welfare institution of the Nelson Lazarin personal developer. Version 3.4.0 of WeGIA has a code-infusion loophole, which results from an error in the use of the parameter Insira a nova categoria in the file/html/matPat/adicionar categoria.php, leading to a cross-site script attack.

Hazard Level

Critical

Vulnerability Type

代码注入

Affected Vendor

Live Support

Published

2025-06-26

Last Modified

2026-02-24

References

https://github.com/RaulPazemecxas/PoCVulDb/blob/main/README2.md https://vuldb.com/?ctiid.313961 https://vuldb.com/?id.313961 https://vuldb.com/?submit.597071

Patch

https://github.com/LabRedesCefetRJ/WeGIA/releases