CVE-2025-67501
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-10

Last updated on: 2025-12-18

Assigner: GitHub, Inc.

Description
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Versions 3.5.4 and below contain an SQL Injection vulnerability in the /html/matPat/editar_categoria.php endpoint. The application fails to properly validate and sanitize user inputs in the id_categoria parameter, which allows attackers to inject malicious SQL payloads for direct execution. This issue is fixed in version 3.5.5.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-10
Last Modified
2025-12-18
Generated
2026-06-16
AI Q&A
2025-12-10
EPSS Evaluated
2026-06-15
NVD
CVE-2025-67501
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
wegia wegia to 3.5.5 (inc)
wegia web_manager 3.5.4
wegia web_manager 3.5.5
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-89 The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Detection Guidance

This SQL Injection vulnerability can be detected by testing the vulnerable endpoint `/html/matPat/editar_categoria.php` with crafted payloads in the `id_categoria` parameter to see if the application improperly executes SQL commands. For example, sending a GET request with a payload like `id_categoria=-1 UNION SELECT 1, version()` can reveal if the database version is disclosed, indicating vulnerability. Detection commands could include using curl or similar tools to send such requests: `curl -i "http://yourserver/html/matPat/editar_categoria.php?id_categoria=-1 UNION SELECT 1, version()"`. Additionally, monitoring logs for unusual SQL errors or unexpected database responses when accessing this endpoint can help detect exploitation attempts. Note that exploitation requires the attacker to be logged in, so testing should be done with authenticated sessions. [3]

Executive Summary

This vulnerability is an SQL Injection in the WeGIA web application (versions 3.5.4 and below) at the /html/matPat/editar_categoria.php endpoint. The application does not properly validate or sanitize the user input in the id_categoria parameter, allowing attackers to inject malicious SQL code that can be executed directly on the database.

Impact Analysis

An attacker exploiting this SQL Injection vulnerability could manipulate the database by executing arbitrary SQL commands. This can lead to unauthorized data access, data modification, data deletion, or even complete compromise of the database and potentially the entire application.

Mitigation Strategies

The immediate step to mitigate this vulnerability is to upgrade the WeGIA Web Manager to version 3.5.5 or later, where the SQL Injection issue in the /html/matPat/editar_categoria.php endpoint has been fixed.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-67501. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart