Natan Maia Morette

**Name of the Vulnerable Software and Affected Versions** WeGIA version 3.2.0 **Description** The issue concerns a SQL Injection vulnerability. It can be exploited through the `nextPage` parameter in the "/controle/control.php" API endpoint. **Recommendations** For WeGIA version 3.2.0, consider disabling the `nextPage` parameter in the "/controle/control.php" endpoint until a patch is available. Restrict access to this endpoint to minimize the risk of exploitation. Avoid using the `nextPage` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** WeGIA versions prior to 3.2.0 **Description** The issue concerns SQL Injection in the /funcionario/remuneracao.php endpoint via the `id funcionario` parameter. This allows for potential unauthorized access and manipulation of data. **Recommendations** For versions prior to 3.2.0, update to version 3.2.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the /funcionario/remuneracao.php endpoint or validating and sanitizing the `id funcionario` parameter to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** WeGIA versions prior to 3.2.0 **Description** The issue concerns an incorrect access control in the controle/control.php file. Specifically, the application fails to validate the value of the old password, allowing password changes by entering any value in the `senha antiga` field. **Recommendations** For versions prior to 3.2.0, update to version 3.2.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the controle/control.php file or disabling password change functionality until a patch is applied. Avoid using the `senha antiga` field in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** WeGIA versions prior to 3.2.0 **Description** The issue is related to Cross Site Scripting (XSS) via the `dados addInfo` parameter of the "documentos funcionario.php" endpoint. This allows for potential malicious script injection. **Recommendations** For versions prior to 3.2.0, update to version 3.2.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the "documentos funcionario.php" endpoint or avoiding the use of the `dados addInfo` parameter until a patch is available.

**Name of the Vulnerable Software and Affected Versions** WeGIA versions prior to 3.2.0 **Description** The issue concerns SQL Injection in the query geracao auto.php file through the `query` parameter. This allows for potential exploitation. **Recommendations** For versions prior to 3.2.0, update to version 3.2.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the query geracao auto.php file or avoiding the use of the `query` parameter until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Wegia versions prior to 3.2.0 **Description** The issue is related to Cross Site Scripting (XSS) in the /geral/documentos funcionario.php endpoint via the `id` parameter. This allows for potential malicious script injection. **Recommendations** For versions prior to 3.2.0, update to version 3.2.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the /geral/documentos funcionario.php endpoint or sanitizing the `id` parameter to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** WeGIA versions 3.2.0 before 3998672 **Description** The issue is related to a lack of permission verification when changing a password. This means that the software does not check if the user has the necessary permissions to change a password, potentially allowing unauthorized password changes. **Recommendations** For WeGIA versions 3.2.0 before 3998672, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the password change functionality until a patch is available.

**Name of the Vulnerable Software and Affected Versions** WeGIA version 3.2.0 **Description** The issue concerns multiple stored cross-site scripting (XSS) vulnerabilities in the /configuracao/meio pagamento.php component. Attackers can execute arbitrary web scripts or HTML via a crafted payload injected into the `id` or `name` parameter. This could potentially lead to account takeover. **Recommendations** For WeGIA version 3.2.0, patch immediately and validate all user input to mitigate the risk of exploitation. As a temporary workaround, consider restricting access to the /configuracao/meio pagamento.php component until a patch is available. Avoid using the `id` or `name` parameters in the affected component until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** WeGIA version 3.2.0 **Description** A Cross-Site Request Forgery (CSRF) issue was discovered. This issue allows an attacker to perform actions on behalf of a user without their knowledge or consent. **Recommendations** For WeGIA version 3.2.0, update to a version that fixes the CSRF issue, as no specific fix is provided for this version. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** WeGIA version 3.2.0 **Description** Multiple stored cross-site scripting (XSS) vulnerabilities in the component /configuracao/gateway pagamento.php allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the `id` or `name` parameter. **Recommendations** For WeGIA version 3.2.0, as a temporary workaround, consider disabling access to the /configuracao/gateway pagamento.php component until a patch is available. Restrict the use of the `id` and `name` parameters in this component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.