CVE-2026-33991 | LabRedesCefetRJ WeGIA up to 3.6.6 deletar_tag.php deletar_tag $_REQUEST sql injection (EUVD-2026-16884)

Inserito da Angelo Barbosa | Mar 27, 2026 | CVE

A vulnerability, which was classified as critical, has been found in LabRedesCefetRJ WeGIA up to 3.6.6. This issue affects the function deletar_tag of the file html/socio/sistema/deletar_tag.php. This manipulation of the argument $_REQUEST causes sql injection.

This vulnerability is handled as CVE-2026-33991. The attack can be initiated remotely. There is not any exploit available.

It is advisable to upgrade the affected component.

CVE-2026-33991 | LabRedesCefetRJ WeGIA up to 3.6.6 deletar_tag.php deletar_tag $_REQUEST sql injection (EUVD-2026-16884)

Post correlati

CVE-2025-47820 | Flock Safety Gunshot Detection up to 1.2 cleartext storage

CVE-2026-2863 | feng_ha_ha/megagao ssm-erp/production_ssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097 FileServiceImpl.java deleteFile path traversal (Issue 37)

CVE-2025-14438 | Xagio SEO Plugin up to 7.1.0.30 on WordPress pixabayDownloadImage server-side request forgery

CVE-2024-13203 | kurniaramadhan E-Commerce-PHP 1.0 cross-site request forgery