Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

WeGIA — Vulnerabilities & Security Advisories 173

All 173 CVE vulnerabilities found in WeGIA, with AI-generated Chinese analysis, references, and POCs.

Vendor: nilsonLazarin

CVE IDTitleCVSSSeverityPublished
CVE-2025-53531 WeGIA allows Uncontrolled Resource Consumption via the fid parameter CWE-770 7.5AIHighAI2025-07-07
CVE-2025-53530 WeGIA allows Uncontrolled Resource Consumption via the errorstr parameter CWE-770 7.5AIHighAI2025-07-07
CVE-2025-53529 WeGIA allows SQL Injection in html/funcionario/profile_funcionario.php (id_funcionario parameter) CWE-89 9.8 Critical2025-07-07
CVE-2025-53527 WeGIA allows Time-Based Blind SQL Injection in the relatorio_geracao.php endpoint CWE-89 9.8AICriticalAI2025-07-07
CVE-2025-53526 WeGIA allows Stored XSS attacks in novo_memorando.php CWE-79 6.1AIMediumAI2025-07-07
CVE-2025-53525 WebGia allows Cross-Site Scripting (XSS) in profile_familiar.php via the id_dependente parameter CWE-79 6.1AIMediumAI2025-07-07
CVE-2025-53377 WebGia allows Cross-Site Scripting (XSS) in cadastro_dependente_pessoa_nova.php via the id_funcionario parameter CWE-79 6.1AIMediumAI2025-07-07
CVE-2025-53091 WeGIA has Unauthenticated Time-Based Blind SQL Injection in almox Parameter CWE-89 9.8AICriticalAI2025-06-27
CVE-2025-6699 LabRedesCefetRJ WeGIA Cadastro de Funcionário cadastro_funcionario.php cross site scripting CWE-79 3.5 Low2025-06-26
CVE-2025-6698 LabRedesCefetRJ WeGIA Adicionar tipo adicionar_tipoSaida.php cross site scripting CWE-79 3.5 Low2025-06-26
CVE-2025-6697 LabRedesCefetRJ WeGIA Adicionar tipo adicionar_tipoEntrada.php cross site scripting CWE-79 3.5 Low2025-06-26
CVE-2025-6696 LabRedesCefetRJ WeGIA Cadastro de Atendio Cadastro_Atendido.php cross site scripting CWE-79 3.5 Low2025-06-26
CVE-2025-6695 LabRedesCefetRJ WeGIA Additional Categoria adicionar_categoria.php cross site scripting CWE-79 3.5 Low2025-06-26
CVE-2025-6694 LabRedesCefetRJ WeGIA Adicionar Unidade adicionar_unidade.php cross site scripting CWE-79 3.5 Low2025-06-26
CVE-2025-52474 WeGIA SQL Injection Vulnerability in id Parameter on control.php Endpoint CWE-89 9.1AICriticalAI2025-06-19
CVE-2025-50201 WeGIA OS Command Injection in debug_info.php parameter 'branch' CWE-78 9.8 Critical2025-06-19
CVE-2025-46828 Unauthenticated SQL Injection on get_socios.php endpoint CWE-89 9.8AICriticalAI2025-05-07
CVE-2025-30367 WeGIA SQL Injection Vulnerability in nextPage Parameter on control.php Endpoint CWE-89 9.1AICriticalAI2025-03-27
CVE-2025-30366 WeGIA vulnerable to Stored XSS in personalizacao.php CWE-79 5.4AIMediumAI2025-03-27
CVE-2025-30365 SQL Injection in query_geracao_auto.php CWE-89 9.8AICriticalAI2025-03-27
CVE-2025-30364 WeGIA vulnerable to SQL Injection (Blind Time-Based) in remuneracao.php parameter id_funcionario CWE-89 9.8AICriticalAI2025-03-27
CVE-2025-30363 WeGIA vulnerable to Stored XSS in documentos_funcionario.php parameter dados_addInfo CWE-79 5.4AIMediumAI2025-03-27
CVE-2025-30362 WeGIA vulnerable to Stored XSS in documentos_funcionario.php parameter id CWE-79 5.4AIMediumAI2025-03-27
CVE-2025-30361 WeGIA Vulnerable to Broken Authentication - Old Password Validation CWE-287 9.1AICriticalAI2025-03-27
CVE-2025-29782 WeGIA Cross-Site Scripting (XSS) Stored in endpoint `adicionar_tipo_docs_atendido.php` parameter `tipo` CWE-79 5.4 -2025-03-14
CVE-2025-27499 WeGIA has a stored Cross-Site Scripting (XSS) in 'processa_edicao_socio.php' via the 'socio_nome' parameter CWE-79 5.4 -2025-03-03
CVE-2025-27419 Denial of Service (DoS) in WeGIA due to Recursive Crawling of Dynamic URLs CWE-770 7.5 -2025-03-03
CVE-2025-27420 WeGIA contains a Stored Cross-Site Scripting (XSS) in 'atendido_parentesco_adicionar.php' via the 'descricao' parameter CWE-79 5.4 -2025-03-03
CVE-2025-27418 WeGIA contains a Stored Cross-Site Scripting (XSS) in 'adicionar_tipo_atendido.php' via the 'tipo' parameter CWE-79 5.4 -2025-03-03
CVE-2025-27417 WeGIA Contains a Stored Cross-Site Scripting (XSS) in 'adicionar_status_atendido.php' via the 'status' parameter CWE-79 5.4 -2025-03-03

All 173 known CVE vulnerabilities affecting WeGIA with full Chinese analysis, references, and POCs where available.