CVE-2026-33134 | LabRedesCefetRJ WeGIA up to 3.6.5 GET Parameter restaurar_produto.php id_produto sql injection (GHSA-qg95-x997-66wq)

Inserito da Angelo Barbosa | Mar 20, 2026 | CVE

A vulnerability was found in LabRedesCefetRJ WeGIA up to 3.6.5 and classified as critical. The impacted element is an unknown function of the file html/matPat/restaurar_produto.php of the component GET Parameter Handler. The manipulation of the argument id_produto results in sql injection.

This vulnerability is reported as CVE-2026-33134. The attack can be launched remotely. No exploit exists.

It is suggested to upgrade the affected component.

CVE-2026-33134 | LabRedesCefetRJ WeGIA up to 3.6.5 GET Parameter restaurar_produto.php id_produto sql injection (GHSA-qg95-x997-66wq)

Post correlati

CVE-2024-5020 | Gallery Plugin on WordPress FancyBox JavaScript Library cross site scripting

CVE-2024-2721 | Sygnoos Social Media Share Buttons Plugin up to 2.1.0 on WordPress deserialization

CVE-2023-6998 | CoolKit Technology eWeLink Smart Home up to 5.1.x on Android/iOS privileges management

CVE-2026-2637 | iBoysoft NTFS 8.0.0 on macOS NSConnection Service permission assignment