Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

WeGIA — Vulnerabilities & Security Advisories 173

All 173 CVE vulnerabilities found in WeGIA, with AI-generated Chinese analysis, references, and POCs.

Vendor: nilsonLazarin

CVE IDTitleCVSSSeverityPublished
CVE-2026-40286 WeGIA has Cross-Site Scripting in Controle de Contribuição CWE-79 7.5 High2026-04-17
CVE-2026-40285 WeGIA has SQL Injection via Session Variable Override in DespachoControle.php CWE-89 8.8 High2026-04-17
CVE-2026-40284 WeGIA has stored XSS in listar_despachos.php CWE-79 6.8 Medium2026-04-17
CVE-2026-40282 WeGIA has stored XSS in intercorrencia_visualizar.php CWE-79 5.4AIMediumAI2026-04-17
CVE-2026-40283 WeGIA has stored XSS in profile_paciente.php CWE-79 6.8 Medium2026-04-17
CVE-2026-35475 WeGIA - Open Redirect - backup redirection — Unvalidated $_GET['redirect'] CWE-601 6.1AIMediumAI2026-04-06
CVE-2026-35474 WeGIA - Open Redirect - atualizacao redirection - Unvalidated $_GET['redirect'] CWE-601 6.1AIMediumAI2026-04-06
CVE-2026-35473 WeGIA - Open Redirect - IentradaControle - listarId() - Unvalidated $_GET['nextPage'] CWE-601 6.1AIMediumAI2026-04-06
CVE-2026-35399 WeGIA has Stored XSS in backup file names CWE-79 5.4AIMediumAI2026-04-06
CVE-2026-35472 WeGIA - Open Redirect - EstoqueControle - listarTodos() - Unvalidated $_GET['nextPage'] CWE-601 6.1AIMediumAI2026-04-06
CVE-2026-35398 WeGIA - Open Redirect - OrigemControle - listarTodos() & listarId_Nome() - Unvalidated $_GET['nextPage'] CWE-601 6.1AIMediumAI2026-04-06
CVE-2026-35396 WeGIA - Open Redirect - IsaidaControle - listarId() - Unvalidated $_GET['nextPage'] CWE-601 6.1AIMediumAI2026-04-06
CVE-2026-35395 WeGIA has a SQL Injection in DespachoDAO.php via id_memorando parameter CWE-89 8.8 High2026-04-06
CVE-2026-33991 WeGIA has SQL Injection in deletar_tag.php CWE-89 8.8 High2026-03-27
CVE-2026-33136 WeGIA has Reflected Cross-Site Scripting (XSS) in `listar_memorandos_ativos.php` via `sccd` parameter CWE-79 9.3 Critical2026-03-20
CVE-2026-33135 WeGIA has Reflected Cross-Site Scripting (XSS) in `novo_memorandoo.php` via `sccs` parameter CWE-79 9.3 Critical2026-03-20
CVE-2026-33134 WeGIA has Authenticated Time-Based Blind SQL Injection in `restaurar_produto.php` via `id_produto` parameter CWE-89 9.3 Critical2026-03-20
CVE-2026-33133 WeGIA has an arbitrary SQL execution vulnerability via crafted backup archive CWE-89 8.8 -2026-03-20
CVE-2026-31896 WeGIA has a Time-Based Blind SQL Injection in remover_produto_ocultar.php CWE-89 9.8 Critical2026-03-11
CVE-2026-31895 WeGIA has a SQL Injection via Direct Query Interpolation in restaurar_produto.php CWE-89 8.8 High2026-03-11
CVE-2026-31894 WeGIA affected by arbitrary file read via symlink in backup restore CWE-59 7.5AIHighAI2026-03-11
CVE-2026-28411 WeGIA Vulnerable to Authentication Bypass via `extract($_REQUEST)` CWE-288 9.8 Critical2026-02-27
CVE-2026-28409 WeGIA Vulnerable to Remote Code Execution (RCE) via OS Command Injection CWE-78 10.0 Critical2026-02-27
CVE-2026-28408 WeGIA lacks authentication verification in adicionar_tipo_docs_atendido.php CWE-862 9.8 Critical2026-02-27
CVE-2026-23731 WeGIA Clickjacking Vulnerability CWE-1021 4.3 Medium2026-01-16
CVE-2026-23730 WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarTodos, nomeClasse=ProdutoControle) CWE-601 6.1 -2026-01-16
CVE-2026-23729 WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarDescricao, nomeClasse=ProdutoControle) CWE-601 6.1 -2026-01-16
CVE-2026-23728 WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarTodos, nomeClasse=DestinoControle) CWE-601 6.1 -2026-01-16
CVE-2026-23727 WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarTodos, nomeClasse=TipoSaidaControle) CWE-601 6.1 -2026-01-16
CVE-2026-23726 WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarTodos, nomeClasse=TipoEntradaControle) CWE-601 6.1 -2026-01-16

All 173 known CVE vulnerabilities affecting WeGIA with full Chinese analysis, references, and POCs where available.