CNNVD-202506-3326 Information
Jun 26, 2025
cve
CNNVD ID
CNNVD-202506-3326
Related CVE
- CNNVD Published: 2025-06-26
Description (Chinese)
WeGIA是Nilson Lazarin个人开发者的一个福利机构的网络管理器。 WeGIA 3.4.0版本存在代码注入漏洞,该漏洞源于对文件/html/atendido/Cadastro_Atendido.php中参数Nome/Sobrenome的错误操作,导致跨站脚本攻击。
Description (English)
WeGIA is the network manager of a welfare institution of the Nelson Lazarin personal developer. Version 3.4.0 of the WeGIA contains a code-infusion loophole, which stems from an error in the argument Nome/Sobrenome in document /html/atendido/Cadastro Atendido.php, resulting in a cross-site script attack.
Hazard Level
Critical
Vulnerability Type
代码注入
Affected Vendor
Live Support
Published
2025-06-26
Last Modified
2026-02-24
References
https://github.com/RaulPazemecxas/PoCVulDb/blob/main/README3.md https://vuldb.com/?ctiid.313962 https://vuldb.com/?id.313962 https://vuldb.com/?submit.597078
Patch
https://github.com/LabRedesCefetRJ/WeGIA/releases
Share on: