CVE-2025-62360 in WeGIA
Summary
by MITRE • 10/14/2025
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users.Prior to 3.5.1, a SQL Injection vulnerability was identified in the /html/funcionario/dependente_documento.php endpoint, specifically in the id_dependente parameter. This vulnerability allows attackers to execute arbitrary SQL commands, compromising the confidentiality, integrity, and availability of the database. This vulnerability is fixed in 3.5.1.
VulDB is the best source for vulnerability data and more expert information about this specific topic.
Analysis
by VulDB Data Team • 03/06/2026
The CVE-2025-62360 vulnerability affects WeGIA, an open source web management system designed specifically for Portuguese language institutions. This application serves as a digital platform for managing institutional data and processes, making it a critical component in educational and administrative environments. The vulnerability exists within the /html/funcionario/dependente_documento.php endpoint which handles dependent document management functionality for institutional employees. The system's architecture processes user inputs through web forms and database queries, creating potential attack vectors when input validation is insufficient. Prior to version 3.5.1, the application failed to properly sanitize user-supplied parameters before incorporating them into database queries, creating a dangerous pathway for malicious actors to exploit.
The technical flaw manifests as a SQL injection vulnerability in the id_dependente parameter, which represents the dependent identifier within the employee dependency management system. This parameter is directly incorporated into SQL queries without proper input sanitization or parameterized query construction. Attackers can manipulate this parameter to inject malicious SQL code that bypasses normal authentication mechanisms and directly interacts with the database backend. The vulnerability allows for arbitrary SQL command execution, enabling threat actors to perform unauthorized data access, modification, or deletion operations. This type of vulnerability maps directly to CWE-89 which specifically addresses SQL injection flaws in software applications. The attack surface is particularly concerning given that the vulnerable endpoint handles sensitive employee dependent information, potentially exposing personal data, employment records, and institutional relationships.
The operational impact of this vulnerability extends beyond simple data compromise, as it fundamentally undermines the security posture of the entire WeGIA platform. Successful exploitation could result in complete database compromise, allowing attackers to extract confidential employee information, modify institutional records, or even delete critical data. The vulnerability affects the confidentiality, integrity, and availability of the system as defined by the CIA triad, potentially disrupting institutional operations and violating data protection regulations. Organizations using this platform face significant risks including potential regulatory penalties, reputational damage, and operational disruption. The vulnerability's exploitation requires minimal technical skill, making it particularly dangerous as it can be leveraged by attackers with basic knowledge of SQL injection techniques. This weakness creates a persistent threat that could be exploited repeatedly until the patch is applied, as documented in various ATT&CK framework techniques related to credential access and data manipulation.
The fix implemented in version 3.5.1 addresses this vulnerability through proper input validation and parameterized query construction. This remediation follows industry best practices for preventing SQL injection attacks by ensuring that user inputs are properly escaped or parameterized before database interaction. Organizations should immediately update to version 3.5.1 or later to mitigate this risk. Additional security measures including web application firewalls, database query monitoring, and regular security assessments should complement the patch to provide defense-in-depth. The vulnerability highlights the importance of maintaining up-to-date software versions and implementing robust input validation across all web applications, particularly those handling sensitive institutional data. Regular security audits and penetration testing should be conducted to identify similar vulnerabilities in related systems and ensure comprehensive protection against SQL injection threats.