WeGIA — Vulnerabilities & Security Advisories 173

All 173 CVE vulnerabilities found in WeGIA, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-23033	Cross-Site Scripting (XSS) Stored endpoint 'adicionar_situacao.php' parameter 'situacao' in WeGIA CWE-79	5.4	-	2025-01-13
CVE-2025-23034	Cross-Site Scripting (XSS) Reflected endpoint 'tags.php' parameter 'msg_e' in WeGIA CWE-79	6.1	-	2025-01-13
CVE-2025-23035	Cross-Site Scripting (XSS) Stored endpoint 'adicionar_tipo_quadro_horario.php' parameter 'tipo' in WeGIA CWE-79	5.4	-	2025-01-13
CVE-2025-23036	Cross-Site Scripting (XSS) Reflected endpoint 'pre_cadastro_funcionario.php' parameter 'msg_e' in WeGIA CWE-79	6.1	-	2025-01-13
CVE-2025-23037	Cross-Site Scripting (XSS) Stored endpoint 'control.php' parameter 'cargo' in WeGIA CWE-79	5.4	-	2025-01-13
CVE-2025-22613	WeGIA Cross-Site Scripting (XSS) Stored endpoint 'informacao_adicional.php' parameter 'descricao' CWE-79	5.4	-	2025-01-13
CVE-2025-22614	WeGIA Cross-Site Scripting (XSS) Stored endpoint 'dependente_editarInfoPessoal.php ' parameters 'nome' 'SobrenomeForm' CWE-79	5.4	-	2025-01-13
CVE-2025-22615	WeGIA Cross-Site Scripting (XSS) Reflected endpoint 'Cadastro_Atendido.php' parameter 'cpf' CWE-79	6.1	-	2025-01-13
CVE-2025-22616	WeGIA Cross-Site Scripting (XSS) Stored endpoint 'dependente_parentesco_adicionar.php' parameter 'descricao' CWE-79	5.4	-	2025-01-13
CVE-2025-22617	WeGIA Cross-Site Scripting (XSS) Reflected endpoint 'editar_socio.php' parameter 'socio' CWE-79	6.1	-	2025-01-13
CVE-2025-22618	WeGIA Cross-Site Scripting (XSS) Stored endpoint 'adicionar_cargo.php' parameter 'cargo' CWE-79	5.4	-	2025-01-13
CVE-2025-22619	WeGIA Cross-Site Scripting (XSS) Reflected endpoint 'editar_permissoes.php' parameter 'msg_c' CWE-79	6.1	-	2025-01-13
CVE-2025-22600	WeGIA has a Cross-Site Scripting (XSS) Reflected endpoint `configuracao_doacao.php` parameter `avulso` CWE-79	6.1	-	2025-01-10
CVE-2025-22599	WeGIA has a Cross-Site Scripting (XSS) Reflected endpoint `home.php` parameter `msg_c` CWE-79	6.1	-	2025-01-10
CVE-2025-22598	WeGIA has a Cross-Site Scripting (XSS) Stored endpoint 'cadastrarSocio.php' parameter 'nome' CWE-79	8.3	High	2025-01-10
CVE-2025-22597	WeGIA has a Cross-Site Scripting (XSS) Stored endpoint 'CobrancaController.php' parameter 'local_recepcao' CWE-79	8.3	High	2025-01-10
CVE-2025-22596	WeGIA has a Cross-Site Scripting (XSS) Reflected endpoint 'modulos_visiveis.php' parameter'msg_c' CWE-79	6.1	-	2025-01-10
CVE-2025-22143	WeGIA Cross-Site Scripting (XSS) Reflected endpoint 'listar_permissoes.php' parameter 'msg_e' CWE-79	6.1	-	2025-01-08
CVE-2025-22141	WeGIA SQL Injection (Blind Time-Based) endpoint 'verificar_recursos_cargo.php' parameter 'cargo' CWE-89	9.8	-	2025-01-08
CVE-2025-22139	WeGIA Cross-Site Scripting (XSS) Reflected endpoint `configuracao_geral.php` parameter `msg` CWE-79	6.1	-	2025-01-08
CVE-2025-22140	WeGIA SQL Injection (Blind Time-Based) endpoint 'dependente_listar_um.php' parameter 'id_dependente' CWE-89	9.8	-	2025-01-08
CVE-2025-22133	WeGIA Allows Arbitrary File Upload with Remote Code Execution (RCE) CWE-94	10.0	Critical	2025-01-07
CVE-2025-22132	WeGIA has a Cross-Site Scripting (XSS) in File Upload Field CWE-79	8.3	High	2025-01-07

All 173 known CVE vulnerabilities affecting WeGIA with full Chinese analysis, references, and POCs where available.

Goal Reached Thanks to every supporter — we hit 100%!

WeGIA — Vulnerabilities & Security Advisories 173