Browse all 5 CVE security advisories affecting nilsonLazarin. AI-powered Chinese analysis, POCs, and references for each vulnerability.
nilsonLazarin is a security researcher focused on identifying vulnerabilities in web applications and enterprise software. Their work primarily centers on uncovering flaws that could lead to remote code execution, cross-site scripting, and privilege escalation. With five CVEs attributed to them, their research often targets authentication mechanisms and data processing functions. While no major public incidents are directly linked to their findings, their contributions highlight common weaknesses in access control and input validation. Their CVE record demonstrates a consistent pattern of exposing vulnerabilities that could allow attackers to compromise system integrity or escalate privileges within affected environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-22141 | WeGIA SQL Injection (Blind Time-Based) endpoint 'verificar_recursos_cargo.php' parameter 'cargo' — WeGIACWE-89 | 9.8 | - | 2025-01-08 |
| CVE-2025-22139 | WeGIA Cross-Site Scripting (XSS) Reflected endpoint `configuracao_geral.php` parameter `msg` — WeGIACWE-79 | 6.1 | - | 2025-01-08 |
| CVE-2025-22140 | WeGIA SQL Injection (Blind Time-Based) endpoint 'dependente_listar_um.php' parameter 'id_dependente' — WeGIACWE-89 | 9.8 | - | 2025-01-08 |
| CVE-2025-22133 | WeGIA Allows Arbitrary File Upload with Remote Code Execution (RCE) — WeGIACWE-94 | 10.0 | Critical | 2025-01-07 |
| CVE-2025-22132 | WeGIA has a Cross-Site Scripting (XSS) in File Upload Field — WeGIACWE-79 | 8.3 | High | 2025-01-07 |
This page lists every published CVE security advisory associated with nilsonLazarin. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.