CVE-2026-40285

Name of the Vulnerable Software and Affected Versions WeGIA versions prior to 3.6.10

Description An issue exists in the dao/memorando/UsuarioDAO.php file where the cpf usuario POST parameter overwrites the session-stored user identity through the extract($ REQUEST) function in DespachoControle::verificarDespacho(). This attacker-controlled value is interpolated directly into a raw SQL query, enabling any authenticated user to query the database using an arbitrary identity.

Recommendations Update to version 3.6.10.