CNNVD-202510-266 Information

CNNVD ID

CNNVD-202510-266

Related CVE

CVE-2025-61605

• CNNVD Published: 2025-10-02

Description (Chinese)

WeGIA是Nilson Lazarin个人开发者的一个福利机构的网络管理器。 WeGIA 3.4.12及之前版本存在安全漏洞，该漏洞源于对文件/pet/profile_pet.php中参数id_pet的错误操作，可能导致SQL注入攻击。

Description (English)

WeGIA is the network manager of a welfare institution of the Nelson Lazarin personal developer. WeGIA 3.4.12 and previous versions have a security loophole, which stems from an error in the id pet of the parameter in the document/pet/profile pet.php, which could lead to an SQL injection attack.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-10-02

Last Modified

2026-02-24

References

https://github.com/LabRedesCefetRJ/WeGIA/commit/176733543c9b6762bef5ddec7c9c555f76fafa1d https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-8963-9833-gpx7

Patch

https://github.com/LabRedesCefetRJ/WeGIA/releases