Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

LabRedesCefetRJ — Vulnerabilities & Security Advisories 168

Browse all 168 CVE security advisories affecting LabRedesCefetRJ. AI-powered Chinese analysis, POCs, and references for each vulnerability.

LabRedesCefetRJ operates as a specialized academic laboratory focused on network research and development, primarily serving educational and experimental purposes within the CefetRJ institutional framework. Despite its non-commercial nature, the entity has accumulated a significant security footprint, with 168 Common Vulnerabilities and Exposures (CVEs) currently on record. Historical analysis reveals that these vulnerabilities predominantly stem from legacy web applications and network management interfaces, frequently involving remote code execution, cross-site scripting, and privilege escalation flaws. These issues often arise from outdated software dependencies and insufficient input validation in internal tools used for network simulation and testing. While no major public data breaches have been widely reported, the high volume of disclosed CVEs indicates persistent challenges in maintaining patch hygiene for experimental systems. The profile suggests a need for rigorous lifecycle management to mitigate risks associated with its research infrastructure.

Top products by LabRedesCefetRJ: WeGIA
CVE IDTitleCVSSSeverityPublished
CVE-2026-40286 WeGIA has Cross-Site Scripting in Controle de Contribuição — WeGIACWE-79 7.5 High2026-04-17
CVE-2026-40285 WeGIA has SQL Injection via Session Variable Override in DespachoControle.php — WeGIACWE-89 8.8 High2026-04-17
CVE-2026-40284 WeGIA has stored XSS in listar_despachos.php — WeGIACWE-79 6.8 Medium2026-04-17
CVE-2026-40282 WeGIA has stored XSS in intercorrencia_visualizar.php — WeGIACWE-79 5.4AIMediumAI2026-04-17
CVE-2026-40283 WeGIA has stored XSS in profile_paciente.php — WeGIACWE-79 6.8 Medium2026-04-17
CVE-2026-35475 WeGIA - Open Redirect - backup redirection — Unvalidated $_GET['redirect'] — WeGIACWE-601 6.1AIMediumAI2026-04-06
CVE-2026-35474 WeGIA - Open Redirect - atualizacao redirection - Unvalidated $_GET['redirect'] — WeGIACWE-601 6.1AIMediumAI2026-04-06
CVE-2026-35473 WeGIA - Open Redirect - IentradaControle - listarId() - Unvalidated $_GET['nextPage'] — WeGIACWE-601 6.1AIMediumAI2026-04-06
CVE-2026-35399 WeGIA has Stored XSS in backup file names — WeGIACWE-79 5.4AIMediumAI2026-04-06
CVE-2026-35472 WeGIA - Open Redirect - EstoqueControle - listarTodos() - Unvalidated $_GET['nextPage'] — WeGIACWE-601 6.1AIMediumAI2026-04-06
CVE-2026-35398 WeGIA - Open Redirect - OrigemControle - listarTodos() & listarId_Nome() - Unvalidated $_GET['nextPage'] — WeGIACWE-601 6.1AIMediumAI2026-04-06
CVE-2026-35396 WeGIA - Open Redirect - IsaidaControle - listarId() - Unvalidated $_GET['nextPage'] — WeGIACWE-601 6.1AIMediumAI2026-04-06
CVE-2026-35395 WeGIA has a SQL Injection in DespachoDAO.php via id_memorando parameter — WeGIACWE-89 8.8 High2026-04-06
CVE-2026-33991 WeGIA has SQL Injection in deletar_tag.php — WeGIACWE-89 8.8 High2026-03-27
CVE-2026-33136 WeGIA has Reflected Cross-Site Scripting (XSS) in `listar_memorandos_ativos.php` via `sccd` parameter — WeGIACWE-79 9.3 Critical2026-03-20
CVE-2026-33135 WeGIA has Reflected Cross-Site Scripting (XSS) in `novo_memorandoo.php` via `sccs` parameter — WeGIACWE-79 9.3 Critical2026-03-20
CVE-2026-33134 WeGIA has Authenticated Time-Based Blind SQL Injection in `restaurar_produto.php` via `id_produto` parameter — WeGIACWE-89 9.3 Critical2026-03-20
CVE-2026-33133 WeGIA has an arbitrary SQL execution vulnerability via crafted backup archive — WeGIACWE-89 8.8 -2026-03-20
CVE-2026-31896 WeGIA has a Time-Based Blind SQL Injection in remover_produto_ocultar.php — WeGIACWE-89 9.8 Critical2026-03-11
CVE-2026-31895 WeGIA has a SQL Injection via Direct Query Interpolation in restaurar_produto.php — WeGIACWE-89 8.8 High2026-03-11
CVE-2026-31894 WeGIA affected by arbitrary file read via symlink in backup restore — WeGIACWE-59 7.5AIHighAI2026-03-11
CVE-2026-28411 WeGIA Vulnerable to Authentication Bypass via `extract($_REQUEST)` — WeGIACWE-288 9.8 Critical2026-02-27
CVE-2026-28409 WeGIA Vulnerable to Remote Code Execution (RCE) via OS Command Injection — WeGIACWE-78 10.0 Critical2026-02-27
CVE-2026-28408 WeGIA lacks authentication verification in adicionar_tipo_docs_atendido.php — WeGIACWE-862 9.8 Critical2026-02-27
CVE-2026-23731 WeGIA Clickjacking Vulnerability — WeGIACWE-1021 4.3 Medium2026-01-16
CVE-2026-23730 WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarTodos, nomeClasse=ProdutoControle) — WeGIACWE-601 6.1 -2026-01-16
CVE-2026-23729 WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarDescricao, nomeClasse=ProdutoControle) — WeGIACWE-601 6.1 -2026-01-16
CVE-2026-23728 WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarTodos, nomeClasse=DestinoControle) — WeGIACWE-601 6.1 -2026-01-16
CVE-2026-23727 WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarTodos, nomeClasse=TipoSaidaControle) — WeGIACWE-601 6.1 -2026-01-16
CVE-2026-23726 WeGIA has an Open Redirect Vulnerability in control.php Endpoint via nextPage Parameter (metodo=listarTodos, nomeClasse=TipoEntradaControle) — WeGIACWE-601 6.1 -2026-01-16

This page lists every published CVE security advisory associated with LabRedesCefetRJ. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.