CNNVD-202510-270 Information

CNNVD ID

CNNVD-202510-270

Related CVE

CVE-2025-61603

• CNNVD Published: 2025-10-02

Description (Chinese)

WeGIA是Nilson Lazarin个人开发者的一个福利机构的网络管理器。 WeGIA 3.4.12及之前版本存在安全漏洞，该漏洞源于对文件/controle/control.php中参数descricao的验证不足，可能导致SQL注入攻击。

Description (English)

WeGIA is the network manager of a welfare institution of the Nelson Lazarin personal developer. WeGIA 3.4.12 and previous versions have a security loophole, which stems from insufficient verification of the parameter descricao in the document/control/control.php, which could lead to an attack on SQL.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-10-02

Last Modified

2026-02-24

References

https://github.com/LabRedesCefetRJ/WeGIA/commit/84958eed73741a544859eea297908db3b83b3833 https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-v8hm-pq8g-c7j4

Patch

https://github.com/LabRedesCefetRJ/WeGIA/releases