CNNVD-202507-740 Information

CNNVD ID

CNNVD-202507-740

Related CVE

CVE-2025-53527

• CNNVD Published: 2025-07-07

Description (Chinese)

WeGIA是Nilson Lazarin个人开发者的一个福利机构的网络管理器。 WeGIA 3.4.1之前版本存在SQL注入漏洞，该漏洞源于almox参数未正确处理，可能导致基于时间的盲SQL注入攻击。

Description (English)

WeGIA is the network manager of a welfare institution of the Nelson Lazarin personal developer. The previous version of WeGIA 3.4.1 had an injection loophole in SQL, which originated from the incorrect handling of almox parameters, which could lead to a time-based blind SQL injection attack.

Hazard Level

High

Vulnerability Type

SQL注入

Affected Vendor

Live Support

Published

2025-07-07

Last Modified

2026-02-24

References

https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-43xw-c4g6-jgff https://github.com/LabRedesCefetRJ/WeGIA/commit/9de9a741d1d26ae76b2215a32660817d9bd452aa https://access.redhat.com/security/cve/cve-2025-53527

Patch

https://github.com/LabRedesCefetRJ/WeGIA/releases