Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

LabRedesCefetRJ — Vulnerabilities & Security Advisories 168

Browse all 168 CVE security advisories affecting LabRedesCefetRJ. AI-powered Chinese analysis, POCs, and references for each vulnerability.

LabRedesCefetRJ operates as a specialized academic laboratory focused on network research and development, primarily serving educational and experimental purposes within the CefetRJ institutional framework. Despite its non-commercial nature, the entity has accumulated a significant security footprint, with 168 Common Vulnerabilities and Exposures (CVEs) currently on record. Historical analysis reveals that these vulnerabilities predominantly stem from legacy web applications and network management interfaces, frequently involving remote code execution, cross-site scripting, and privilege escalation flaws. These issues often arise from outdated software dependencies and insufficient input validation in internal tools used for network simulation and testing. While no major public data breaches have been widely reported, the high volume of disclosed CVEs indicates persistent challenges in maintaining patch hygiene for experimental systems. The profile suggests a need for rigorous lifecycle management to mitigate risks associated with its research infrastructure.

Top products by LabRedesCefetRJ: WeGIA
CVE IDTitleCVSSSeverityPublished
CVE-2026-23725 WeGIA Stored Cross-Site Scripting (XSS) – nome Parameter on Adopters Information Page — WeGIACWE-79 5.4 -2026-01-16
CVE-2026-23724 WeGIA Stored Cross-Site Scripting (XSS) – atendido_idatendido Parameter on Occurrence Registration Page — WeGIACWE-79 4.3 Medium2026-01-16
CVE-2026-23722 WeGIA has a Reflected Cross-Site Scripting (XSS) vulnerability allowing arbitrary code execution and UI redressing. — WeGIACWE-79 9.1 Critical2026-01-16
CVE-2026-23723 WeGIA has a Critical SQL Injection in Atendido_ocorrenciaControle via id_memorando parameter — WeGIACWE-89 7.2 High2026-01-16
CVE-2025-67501 WeGIA is vulnerable to SQL Injection via editar_categoria endpoint parameter — WeGIACWE-89 8.8AIHighAI2025-12-09
CVE-2025-67496 WeGia is Vulnerable to XSS through id_pessoa Parameter on Password Configuration Page — WeGIACWE-79 4.3 Medium2025-12-09
CVE-2025-62598 WeGIA Vulnerable to Reflected Cross-Site Scripting via Endpoint 'pessoa/editar_info_pessoal.php' Parameter 'action' — WeGIACWE-79 6.1AIMediumAI2025-10-21
CVE-2025-62597 WeGIA Vulnerable to Reflected Cross-Site Scripting via Endpoint 'pessoa/editar_info_pessoal.php' Parameter 'sql' — WeGIACWE-79 6.1AIMediumAI2025-10-21
CVE-2025-62361 WeGIA Open Redirect Vulnerability in `control.php` endpoint `nextPage` parameter (metodo=listarTodos nomeClasse=AlmoxarifeControle) — WeGIACWE-601 6.1AIMediumAI2025-10-13
CVE-2025-62360 WeGIA SQL Injection via 'id_dependente' param at endpoint `/html/funcionario/dependente_documento.php` — WeGIACWE-89 8.8AIHighAI2025-10-13
CVE-2025-62359 WeGIA Cross-Site Scripting (XSS) Reflected endpoint id_pet — WeGIACWE-79 6.1AIMediumAI2025-10-13
CVE-2025-62358 WeGIA Reflected XSS to Account TakeOver at /html/configuracao/configuracao_geral.php via log parameter — WeGIACWE-79 5.4 Medium2025-10-13
CVE-2025-62179 WeGIA SQL Injection via 'cpf' param at endpoint `/html/funcionario/cadastro_funcionario_pessoa_existente.php` — WeGIACWE-89 8.8AIHighAI2025-10-13
CVE-2025-62178 WeGIA Cross-Site Scripting (XSS) Reflected endpoint '/html/atendido/cadastro_atendido_parentesco_pessoa_nova.php' parameter 'idatendido' — WeGIACWE-79 3.5 Low2025-10-13
CVE-2025-62177 WeGIA vulnerable to SQL Injection via 'id_funcionario' param at endpoint `/html/funcionario/dependente_listar.php` — WeGIACWE-89 8.8AIHighAI2025-10-13
CVE-2025-61665 WeGIA: Broken Access Control in `get_relatorios_socios.php` Endpoint — WeGIACWE-287 7.5 -2025-10-02
CVE-2025-61606 WeGIA: Open Redirect Vulnerability in `control.php` endpoint — WeGIACWE-601 6.1 -2025-10-02
CVE-2025-61605 WeGIA: SQL Injection (Blind Time-Based) Vulnerability in /pet/profile_pet.php Endpoint — WeGIACWE-89 9.8 -2025-10-02
CVE-2025-61604 WeGIA: Cross-Site Request Forgery (CSRF) Vulnerability in `control.php` Endpoint — WeGIACWE-352 6.5 -2025-10-02
CVE-2025-61603 WeGIA: SQL Injection (Blind Time-Based) Vulnerability in API `descricao` Parameter — WeGIACWE-89 9.8 -2025-10-02
CVE-2025-59939 WeGIA vulnerable to SQL Injection into method `excluir` of the `ProdutoControle` class in the parameter `id_produto`. — WeGIACWE-89 8.8 High2025-09-27
CVE-2025-58745 WeGIA has a bypass for the fix for CVE-2025-22133 - Arbitrary File Upload leads to Remote Code Execution (RCE) — WeGIACWE-94 10.0 Critical2025-09-08
CVE-2025-58454 WeGIA vulnerable to Blind Time-Based SQL Injection in endpoint 'listar_despachos.php' parameter 'id_memorando' — WeGIACWE-89 6.5AIMediumAI2025-09-08
CVE-2025-58453 WeGIA vulnerable to Blind Time-Based SQL Injection in endpoint 'exibe_anexo.php' parameter 'id_anexo' — WeGIACWE-89 6.5AIMediumAI2025-09-08
CVE-2025-58452 WeGIA vulnerable to Reflected Cross-Site Scripting (XSS) in endpoint 'listar_despachos.php' parameter 'id_memorando' — WeGIACWE-79 6.1AIMediumAI2025-09-08
CVE-2025-58159 WeGIA Authenticated Arbitrary File Upload Leading To Remote Code Execution (RCE) — WeGIACWE-434 10.0 Critical2025-08-29
CVE-2025-57765 WeGIA Cross-Site Scripting (XSS) Reflected endpoint 'pre_cadastro_adotante.php' parameter 'msg_e' — WeGIACWE-79 6.5 Medium2025-08-21
CVE-2025-57764 WeGIA Cross-Site Scripting (XSS) Reflected endpoint 'cargos.php' parameter 'msg_e' — WeGIACWE-79 6.5 Medium2025-08-21
CVE-2025-57763 Cross-Site Scripting (XSS) Reflected in 'insere_despacho.php' parameter 'sccs' — WeGIACWE-79 6.1AIMediumAI2025-08-21
CVE-2025-57762 WeGIA Stored Cross-Site Scripting (XSS) vulnerability in the endpoint 'dependente_docdependente.php' with parameter 'nome' — WeGIACWE-79 5.4AIMediumAI2025-08-21

This page lists every published CVE security advisory associated with LabRedesCefetRJ. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.