CNNVD-202601-2752 Information

CNNVD ID

CNNVD-202601-2752

Related CVE

CVE-2026-23723

• CNNVD Published: 2026-01-16

Description (Chinese)

WeGIA是Nilson Lazarin个人开发者的一个福利机构的网络管理器。 WeGIA 3.6.2之前版本存在SQL注入漏洞，该漏洞源于Atendido_ocorrenciaControle端点存在SQL注入漏洞，可能导致数据库数据泄露。

Description (English)

WeGIA is the network manager of a welfare institution of the Nelson Lazarin personal developer. The previous version of WeGIA 3.6.2 had an injection loophole in SQL, which originated from the Atendido ocorenciaControle endpoint, which could lead to the release of database data.

Hazard Level

Medium

Vulnerability Type

SQL注入

Affected Vendor

个人开发者

Published

2026-01-16

Last Modified

2026-02-24

References

https://github.com/LabRedesCefetRJ/WeGIA/pull/1333 https://github.com/LabRedesCefetRJ/WeGIA/releases/tag/3.6.2 https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-xfmp-2hf9-gfjp https://access.redhat.com/security/cve/cve-2026-23723

Patch

https://github.com/LabRedesCefetRJ/WeGIA/releases