| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-62359 | WeGIA Cross-Site Scripting (XSS) Reflected endpoint id_pet | LabRedesCefetRJ | WeGIA | - | - | 2025-10-13 21:21:48 | Deep Dive |
| CVE-2025-62358 | WeGIA Reflected XSS to Account TakeOver at /html/configuracao/configuracao_geral.php via log parameter | LabRedesCefetRJ | WeGIA | Medium | 5.4 | 2025-10-13 21:16:41 | Deep Dive |
| CVE-2025-62179 | WeGIA SQL Injection via 'cpf' param at endpoint `/html/funcionario/cadastro_funcionario_pessoa_existente.php` | LabRedesCefetRJ | WeGIA | - | - | 2025-10-13 21:14:00 | Deep Dive |
| CVE-2025-62178 | WeGIA Cross-Site Scripting (XSS) Reflected endpoint '/html/atendido/cadastro_atendido_parentesco_pessoa_nova.php' parameter 'idatendido' | LabRedesCefetRJ | WeGIA | Low | 3.5 | 2025-10-13 21:12:17 | Deep Dive |
| CVE-2025-62177 | WeGIA vulnerable to SQL Injection via 'id_funcionario' param at endpoint `/html/funcionario/dependente_listar.php` | LabRedesCefetRJ | WeGIA | - | - | 2025-10-13 21:09:30 | Deep Dive |
| CVE-2025-61665 | WeGIA: Broken Access Control in `get_relatorios_socios.php` Endpoint | LabRedesCefetRJ | WeGIA | 高危 | - | 2025-10-02 20:39:10 | Deep Dive |
| CVE-2025-61606 | WeGIA: Open Redirect Vulnerability in `control.php` endpoint | LabRedesCefetRJ | WeGIA | 中危 | - | 2025-10-02 20:25:58 | Deep Dive |
| CVE-2025-61605 | WeGIA: SQL Injection (Blind Time-Based) Vulnerability in /pet/profile_pet.php Endpoint | LabRedesCefetRJ | WeGIA | 超危 | - | 2025-10-02 20:13:03 | Deep Dive |
| CVE-2025-61604 | WeGIA: Cross-Site Request Forgery (CSRF) Vulnerability in `control.php` Endpoint | LabRedesCefetRJ | WeGIA | 高危 | - | 2025-10-02 20:09:23 | Deep Dive |
| CVE-2025-61603 | WeGIA: SQL Injection (Blind Time-Based) Vulnerability in API `descricao` Parameter | LabRedesCefetRJ | WeGIA | 超危 | - | 2025-10-02 19:53:37 | Deep Dive |
| CVE-2025-59939 | WeGIA vulnerable to SQL Injection into method `excluir` of the `ProdutoControle` class in the parameter `id_produto`. | LabRedesCefetRJ | WeGIA | High | 8.8 | 2025-09-27 00:38:43 | Deep Dive |
| CVE-2025-58745 | WeGIA has a bypass for the fix for CVE-2025-22133 - Arbitrary File Upload leads to Remote Code Execution (RCE) | LabRedesCefetRJ | WeGIA | Critical | 9.9 | 2025-09-08 22:40:56 | Deep Dive |
| CVE-2025-58454 | WeGIA vulnerable to Blind Time-Based SQL Injection in endpoint 'listar_despachos.php' parameter 'id_memorando' | LabRedesCefetRJ | WeGIA | - | - | 2025-09-08 22:35:05 | Deep Dive |
| CVE-2025-58453 | WeGIA vulnerable to Blind Time-Based SQL Injection in endpoint 'exibe_anexo.php' parameter 'id_anexo' | LabRedesCefetRJ | WeGIA | - | - | 2025-09-08 22:28:41 | Deep Dive |
| CVE-2025-58452 | WeGIA vulnerable to Reflected Cross-Site Scripting (XSS) in endpoint 'listar_despachos.php' parameter 'id_memorando' | LabRedesCefetRJ | WeGIA | - | - | 2025-09-08 22:26:24 | Deep Dive |
| CVE-2025-58159 | WeGIA Authenticated Arbitrary File Upload Leading To Remote Code Execution (RCE) | LabRedesCefetRJ | WeGIA | Critical | 9.9 | 2025-08-29 22:15:12 | Deep Dive |
| CVE-2025-57765 | WeGIA Cross-Site Scripting (XSS) Reflected endpoint 'pre_cadastro_adotante.php' parameter 'msg_e' | LabRedesCefetRJ | WeGIA | Medium | 6.5 | 2025-08-21 17:05:46 | Deep Dive |
| CVE-2025-57764 | WeGIA Cross-Site Scripting (XSS) Reflected endpoint 'cargos.php' parameter 'msg_e' | LabRedesCefetRJ | WeGIA | Medium | 6.5 | 2025-08-21 17:04:07 | Deep Dive |
| CVE-2025-57763 | Cross-Site Scripting (XSS) Reflected in 'insere_despacho.php' parameter 'sccs' | LabRedesCefetRJ | WeGIA | - | - | 2025-08-21 16:59:38 | Deep Dive |
| CVE-2025-57762 | WeGIA Stored Cross-Site Scripting (XSS) vulnerability in the endpoint 'dependente_docdependente.php' with parameter 'nome' | LabRedesCefetRJ | WeGIA | - | - | 2025-08-21 16:46:55 | Deep Dive |