SB2025021601 - Multiple vulnerabilities in WeGIA



SB2025021601 - Multiple vulnerabilities in WeGIA

Published: February 16, 2025 Updated: May 2, 2026

Security Bulletin ID SB2025021601
CSH Severity
High
Patch available
YES
Number of vulnerabilities 8
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 75% Medium 25%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 8 vulnerabilities.


1) SQL injection (CVE-ID: CVE-2025-26605)

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote user to execute arbitrary SQL queries and disclose sensitive information.

The vulnerability exists due to SQL injection in the deletar_cargo.php endpoint when handling the id_cargo request parameter. A remote user can send a specially crafted request to execute arbitrary SQL queries and disclose sensitive information.

The issue affects the GET /html/geral/deletar_cargo.php endpoint.


2) SQL injection (CVE-ID: CVE-2025-26606)

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber


The vulnerability allows a remote attacker to execute arbitrary SQL queries and disclose sensitive information.

The vulnerability exists due to SQL injection in the informacao_adicional.php endpoint when handling the id_descricao parameter in requests. A remote attacker can send a specially crafted request to execute arbitrary SQL queries and disclose sensitive information.

The issue can be exploited without being logged in because execution continues after the redirect following session validation.


3) SQL injection (CVE-ID: CVE-2025-26607)

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber


The vulnerability allows a remote attacker to execute arbitrary SQL queries.

The vulnerability exists due to SQL injection in the documento_excluir.php endpoint when handling a crafted id_funcionario GET parameter. A remote attacker can send a specially crafted request to execute arbitrary SQL queries.

The issue can be exploited without being logged in because execution continues after the redirect code following session validation.


4) SQL injection (CVE-ID: CVE-2025-26608)

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber


The vulnerability allows a remote attacker to execute arbitrary SQL queries and disclose sensitive information.

The vulnerability exists due to SQL injection in the dependente_docdependente.php endpoint when handling POST requests containing the id_dependente or id_doc parameters. A remote attacker can send a specially crafted request to execute arbitrary SQL queries and disclose sensitive information.

The issue can be exploited without being logged in because execution continues after the redirect code following session validation.


5) SQL injection (CVE-ID: CVE-2025-26609)

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber


The vulnerability allows a remote attacker to execute arbitrary SQL queries and disclose sensitive information.

The vulnerability exists due to SQL injection in the familiar_docfamiliar.php endpoint when handling POST requests containing the id_dependente or id_doc parameters. A remote attacker can send a specially crafted request to execute arbitrary SQL queries and disclose sensitive information.

The issue can be exploited without being logged in because execution continues after the redirect code following session validation.


6) SQL injection (CVE-ID: CVE-2025-26610)

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote user to execute arbitrary SQL queries and disclose sensitive information.

The vulnerability exists due to SQL injection in the restaurar_produto_desocultar.php endpoint when handling the id_produto GET parameter. A remote user can send a specially crafted request to execute arbitrary SQL queries and disclose sensitive information.


7) SQL injection (CVE-ID: CVE-2025-26611)

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber


The vulnerability allows a remote attacker to execute arbitrary SQL queries and disclose sensitive information.

The vulnerability exists due to SQL injection in the remover_produto.php endpoint when handling a crafted id_produto GET parameter. A remote attacker can send a specially crafted request to execute arbitrary SQL queries and disclose sensitive information.

The issue can be exploited without being logged in because execution continues after the redirect logic.


8) SQL injection (CVE-ID: CVE-2025-26612)

CWE-ID: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber


The vulnerability allows a remote attacker to execute arbitrary SQL queries and disclose sensitive information.

The vulnerability exists due to SQL injection in the adicionar_almoxarife.php endpoint when handling GET requests containing the id_funcionario or id_almoxarifado parameter. A remote attacker can send a specially crafted request to execute arbitrary SQL queries and disclose sensitive information.


Remediation

Install update from vendor's website.