Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

WeGIA — Vulnerabilities & Security Advisories 179

All 179 CVE vulnerabilities found in WeGIA, with AI-generated Chinese analysis, references, and POCs.

This page provides a comprehensive aggregation of Common Weakness Enumerations (CWE) associated with the WeGIA product, maintained by its respective vendor. It systematically collects and organizes security data regarding software vulnerabilities, configuration issues, and implementation flaws that have been identified within the WeGIA ecosystem. The dataset encompasses all publicly disclosed security advisories and vulnerability reports from the product's initial release through the present day, ensuring a complete historical record of its security posture. Users can leverage this resource to track specific vendor advisories, allowing them to monitor remediation efforts and update cycles in real time. Additionally, the page serves as a reference for understanding the prevalence and characteristics of specific weakness classes within this particular software environment, helping analysts contextualize risk profiles. It also enables stakeholders to look up the vulnerability history of the product, revealing trends in bug discovery and patch deployment over time. By centralizing this information, the tool facilitates deeper security analysis and supports informed decision-making for administrators and developers managing WeGIA instances. The aggregation is structured to allow efficient filtering by severity, release date, and weakness type, ensuring that users can quickly locate relevant data without sifting through unstructured sources. This consolidated view highlights the relationship between known weaknesses and the product's architectural components, providing a clearer picture of potential attack surfaces.

Vendor: nilsonLazarin

CVE IDTitleCVSSSeverityPublished
CVE-2025-23219 WeGIA has a SQL Injection endpoint 'adicionar_cor.php' parameter 'cor' CWE-89 9.1 -2025-01-20
CVE-2025-23218 WeGIA has a SQL Injection endpoint 'adicionar_especie.php' parameter 'especie' CWE-89 7.5 -2025-01-20
CVE-2025-23038 Cross-Site Scripting (XSS) Stored endpoint 'remuneracao.php ' parameter 'descricao' in WeGIA CWE-79 5.4 -2025-01-13
CVE-2025-23030 Cross-Site Scripting (XSS) Reflected endpoint 'cadastro_funcionario.php' parameter 'cpf' in WeGIA CWE-79 6.1 -2025-01-13
CVE-2025-23031 Cross-Site Scripting (XSS) Stored endpoint 'adicionar_alergia.php' parameter 'nome' in WeGIA CWE-79 5.4 -2025-01-13
CVE-2025-23032 Cross-Site Scripting (XSS) Stored endpoint 'adicionar_escala.php' parameter 'escala' in WeGIA CWE-79 5.4 -2025-01-13
CVE-2025-23033 Cross-Site Scripting (XSS) Stored endpoint 'adicionar_situacao.php' parameter 'situacao' in WeGIA CWE-79 5.4 -2025-01-13
CVE-2025-23034 Cross-Site Scripting (XSS) Reflected endpoint 'tags.php' parameter 'msg_e' in WeGIA CWE-79 6.1 -2025-01-13
CVE-2025-23035 Cross-Site Scripting (XSS) Stored endpoint 'adicionar_tipo_quadro_horario.php' parameter 'tipo' in WeGIA CWE-79 5.4 -2025-01-13
CVE-2025-23036 Cross-Site Scripting (XSS) Reflected endpoint 'pre_cadastro_funcionario.php' parameter 'msg_e' in WeGIA CWE-79 6.1 -2025-01-13
CVE-2025-23037 Cross-Site Scripting (XSS) Stored endpoint 'control.php' parameter 'cargo' in WeGIA CWE-79 5.4 -2025-01-13
CVE-2025-22613 WeGIA Cross-Site Scripting (XSS) Stored endpoint 'informacao_adicional.php' parameter 'descricao' CWE-79 5.4 -2025-01-13
CVE-2025-22614 WeGIA Cross-Site Scripting (XSS) Stored endpoint 'dependente_editarInfoPessoal.php ' parameters 'nome' 'SobrenomeForm' CWE-79 5.4 -2025-01-13
CVE-2025-22615 WeGIA Cross-Site Scripting (XSS) Reflected endpoint 'Cadastro_Atendido.php' parameter 'cpf' CWE-79 6.1 -2025-01-13
CVE-2025-22616 WeGIA Cross-Site Scripting (XSS) Stored endpoint 'dependente_parentesco_adicionar.php' parameter 'descricao' CWE-79 5.4 -2025-01-13
CVE-2025-22617 WeGIA Cross-Site Scripting (XSS) Reflected endpoint 'editar_socio.php' parameter 'socio' CWE-79 6.1 -2025-01-13
CVE-2025-22618 WeGIA Cross-Site Scripting (XSS) Stored endpoint 'adicionar_cargo.php' parameter 'cargo' CWE-79 5.4 -2025-01-13
CVE-2025-22619 WeGIA Cross-Site Scripting (XSS) Reflected endpoint 'editar_permissoes.php' parameter 'msg_c' CWE-79 6.1 -2025-01-13
CVE-2025-22600 WeGIA has a Cross-Site Scripting (XSS) Reflected endpoint `configuracao_doacao.php` parameter `avulso` CWE-79 6.1 -2025-01-10
CVE-2025-22599 WeGIA has a Cross-Site Scripting (XSS) Reflected endpoint `home.php` parameter `msg_c` CWE-79 6.1 -2025-01-10
CVE-2025-22598 WeGIA has a Cross-Site Scripting (XSS) Stored endpoint 'cadastrarSocio.php' parameter 'nome' CWE-79 8.3 High2025-01-10
CVE-2025-22597 WeGIA has a Cross-Site Scripting (XSS) Stored endpoint 'CobrancaController.php' parameter 'local_recepcao' CWE-79 8.3 High2025-01-10
CVE-2025-22596 WeGIA has a Cross-Site Scripting (XSS) Reflected endpoint 'modulos_visiveis.php' parameter'msg_c' CWE-79 6.1 -2025-01-10
CVE-2025-22143 WeGIA Cross-Site Scripting (XSS) Reflected endpoint 'listar_permissoes.php' parameter 'msg_e' CWE-79 6.1 -2025-01-08
CVE-2025-22141 WeGIA SQL Injection (Blind Time-Based) endpoint 'verificar_recursos_cargo.php' parameter 'cargo' CWE-89 9.8 -2025-01-08
CVE-2025-22139 WeGIA Cross-Site Scripting (XSS) Reflected endpoint `configuracao_geral.php` parameter `msg` CWE-79 6.1 -2025-01-08
CVE-2025-22140 WeGIA SQL Injection (Blind Time-Based) endpoint 'dependente_listar_um.php' parameter 'id_dependente' CWE-89 9.8 -2025-01-08
CVE-2025-22133 WeGIA Allows Arbitrary File Upload with Remote Code Execution (RCE) CWE-94 10.0 Critical2025-01-07
CVE-2025-22132 WeGIA has a Cross-Site Scripting (XSS) in File Upload Field CWE-79 8.3 High2025-01-07

All 179 known CVE vulnerabilities affecting WeGIA with full Chinese analysis, references, and POCs where available.