CNNVD-202506-3341 Information
CNNVD ID
CNNVD-202506-3341
Related CVE
- CNNVD Published: 2025-06-26
Description (Chinese)
WeGIA是Nilson Lazarin个人开发者的一个福利机构的网络管理器。 LabRedesCefetRJ WeGIA 3.4.0版本存在代码注入漏洞,该漏洞源于对文件/html/funcionario/cadastro_funcionario.php中参数Nome/Sobrenome的错误操作,导致跨站脚本攻击。
Description (English)
WeGIA is the network manager of a welfare institution of the Nelson Lazarin personal developer. LabRedesCefet RJ Wegia version 3.4.0 contains a code-injection loophole, which results from a wrong operation on the parameter Noome/Sobrenome in document /html/funcionario/cadastro funcionario.php, resulting in a cross-site script attack.
Hazard Level
Critical
Vulnerability Type
代码注入
Affected Vendor
Live Support
Published
2025-06-26
Last Modified
2026-02-24
References
https://github.com/RaulPazemecxas/PoCVulDb/blob/main/README7.md https://vuldb.com/?ctiid.313965 https://vuldb.com/?id.313965 https://vuldb.com/?submit.597401
Patch
https://github.com/LabRedesCefetRJ/WeGIA/releases
Share on: