Vulnerabilidades em LabRedesCefetRJ
176 resultadosCVE-2025-50201CRITICALWeGIA OS Command Injection in debug_info.php parameter 'branch'EPSS 4.9%CVE-2026-28409CRITICALWeGIA Vulnerable to Remote Code Execution (RCE) via OS Command InjectionEPSS 3.3%CVE-2025-27140CRITICALWeGIA vulnerable to OS Command Injection at endpoint 'importar_dump.php' parameter 'import' (RCE)EPSS 3.0%CVE-2025-26613CRITICALOS Command Injection endpoint 'gerenciar_backup.php' parameter 'file' (RCE) in WeGIAEPSS 2.6%CVE-2025-55169CRITICALWeGIA Path Traversal at endpoint 'html/socio/sistema/download_remessa.php' via parameter 'file'EPSS 1.4%CVE-2025-62360CRITICALWeGIA SQL Injection via 'id_dependente' param at endpoint `/html/funcionario/dependente_documento.php`EPSS 0.8%CVE-2025-26615CRITICALPath Traversal endpoint 'examples.php' parameter 'src' in WeGIAEPSS 0.7%CVE-2025-58745CRITICALWeGIA has a bypass for the fix for CVE-2025-22133 - Arbitrary File Upload leads to Remote Code Execution (RCE)EPSS 0.7%CVE-2025-58159CRITICALWeGIA Authenticated Arbitrary File Upload Leading To Remote Code Execution (RCE)EPSS 0.7%CVE-2025-26616CRITICALPath Traversal endpoint 'exportar_dump.php' parameter 'file' in WeGIAEPSS 0.6%CVE-2025-53938MEDIUMWeGIA vulnerable to Authentication Bypass due to Missing Session Validation in multiple endpointsEPSS 0.6%CVE-2026-28411CRITICALWeGIA Vulnerable to Authentication Bypass via `extract($_REQUEST)`EPSS 0.6%CVE-2025-55171HIGHWeGIA Anonymous Attacker can Delete Arbitrary Image file at endpoint `/html/personalizacao_remover.php`EPSS 0.6%CVE-2025-23220CRITICALWeGIA has a SQL Injection endpoint 'adicionar_raca.php' parameter 'raca'EPSS 0.6%CVE-2025-23218CRITICALWeGIA has a SQL Injection endpoint 'adicionar_especie.php' parameter 'especie'EPSS 0.6%CVE-2025-23219CRITICALWeGIA has a SQL Injection endpoint 'adicionar_cor.php' parameter 'cor'EPSS 0.6%CVE-2025-30364CRITICALWeGIA vulnerable to SQL Injection (Blind Time-Based) in remuneracao.php parameter id_funcionarioEPSS 0.6%CVE-2025-30365CRITICALSQL Injection in query_geracao_auto.phpEPSS 0.5%CVE-2025-26617CRITICALSQL Injection endpoint 'historico_paciente.php' parameter 'id_fichamedica' in WeGIAEPSS 0.5%CVE-2025-26607CRITICALSQL Injection endpoint 'documento_excluir.php' parameter 'id_funcionario' in WeGIAEPSS 0.5%