Wegia · Wegia · CVE-2025-24906
Name of the Vulnerable Software and Affected Versions:
WeGIA versions prior to 3.2.12
Description:
A SQL injection vulnerability was discovered in the `get_detalhes_cobranca.php` endpoint of the WeGIA application. It could allow an authorized attacker to execute arbitrary SQL queries and thereby access or delete sensitive information.
Recommendations:
For WeGIA versions prior to 3.2.12, upgrade to version 3.2.12 to address the SQL injection vulnerability. As a temporary workaround, consider restricting access to the `get_detalhes_cobranca.php` endpoint until the upgrade is applied.