SB2025021601 - Multiple vulnerabilities in WeGIA
Published: February 16, 2025 Updated: May 2, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 8 vulnerabilities.
1) SQL injection (CVE-ID: CVE-2025-26605)
CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote user to execute arbitrary SQL queries and disclose sensitive information.
The vulnerability exists due to SQL injection in the deletar_cargo.php endpoint when handling the id_cargo request parameter. A remote user can send a specially crafted request to execute arbitrary SQL queries and disclose sensitive information.
The issue affects the GET /html/geral/deletar_cargo.php endpoint.
2) SQL injection (CVE-ID: CVE-2025-26606)
CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary SQL queries and disclose sensitive information.
The vulnerability exists due to SQL injection in the informacao_adicional.php endpoint when handling the id_descricao parameter in requests. A remote attacker can send a specially crafted request to execute arbitrary SQL queries and disclose sensitive information.
The issue can be exploited without being logged in because execution continues after the redirect following session validation.
3) SQL injection (CVE-ID: CVE-2025-26607)
CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary SQL queries.
The vulnerability exists due to SQL injection in the documento_excluir.php endpoint when handling a crafted id_funcionario GET parameter. A remote attacker can send a specially crafted request to execute arbitrary SQL queries.
The issue can be exploited without being logged in because execution continues after the redirect code following session validation.
4) SQL injection (CVE-ID: CVE-2025-26608)
CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary SQL queries and disclose sensitive information.
The vulnerability exists due to SQL injection in the dependente_docdependente.php endpoint when handling POST requests containing the id_dependente or id_doc parameters. A remote attacker can send a specially crafted request to execute arbitrary SQL queries and disclose sensitive information.
The issue can be exploited without being logged in because execution continues after the redirect code following session validation.
5) SQL injection (CVE-ID: CVE-2025-26609)
CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary SQL queries and disclose sensitive information.
The vulnerability exists due to SQL injection in the familiar_docfamiliar.php endpoint when handling POST requests containing the id_dependente or id_doc parameters. A remote attacker can send a specially crafted request to execute arbitrary SQL queries and disclose sensitive information.
The issue can be exploited without being logged in because execution continues after the redirect code following session validation.
6) SQL injection (CVE-ID: CVE-2025-26610)
CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
The vulnerability allows a remote user to execute arbitrary SQL queries and disclose sensitive information.
The vulnerability exists due to SQL injection in the restaurar_produto_desocultar.php endpoint when handling the id_produto GET parameter. A remote user can send a specially crafted request to execute arbitrary SQL queries and disclose sensitive information.
7) SQL injection (CVE-ID: CVE-2025-26611)
CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary SQL queries and disclose sensitive information.
The vulnerability exists due to SQL injection in the remover_produto.php endpoint when handling a crafted id_produto GET parameter. A remote attacker can send a specially crafted request to execute arbitrary SQL queries and disclose sensitive information.
The issue can be exploited without being logged in because execution continues after the redirect logic.
8) SQL injection (CVE-ID: CVE-2025-26612)
CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
The vulnerability allows a remote attacker to execute arbitrary SQL queries and disclose sensitive information.
The vulnerability exists due to SQL injection in the adicionar_almoxarife.php endpoint when handling GET requests containing the id_funcionario or id_almoxarifado parameter. A remote attacker can send a specially crafted request to execute arbitrary SQL queries and disclose sensitive information.
Remediation
Install update from vendor's website.
References
- https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-6gv7-4j8g-cvgp
- https://github.com/advisories/GHSA-6gv7-4j8g-cvgp
- https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-rxjr-cw9q-cwwg
- https://github.com/advisories/GHSA-rxjr-cw9q-cwwg
- https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-g6wj-3vm2-c59m
- https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-65h2-7484-2pww
- https://github.com/advisories/GHSA-65h2-7484-2pww
- https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-h7jx-ggv8-v2rh
- https://github.com/advisories/GHSA-h7jx-ggv8-v2rh
- https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-6p7c-9hcx-jpqj
- https://github.com/advisories/GHSA-6p7c-9hcx-jpqj
- https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-q273-4vcj-qqp4
- https://github.com/advisories/GHSA-q273-4vcj-qqp4
- https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-9cwj-p4x6-pp88
- https://github.com/advisories/GHSA-9cwj-p4x6-pp88