LabRedesCefetRJ WeGIA
cpe:2.3:a:wegia:wegia:*:*:*:*:*:*:*
- < 3.2.10
A SQL injection vulnerability has been identified in the WeGIA application, specifically within the adicionar_raca.php endpoint. This flaw allows attackers to execute arbitrary SQL commands, leading to unauthorized access to sensitive information. Exploitation of this vulnerability enabled a complete dump of the application's database, underscoring its severity. The issue arises from inadequate validation and sanitization of the 'raca' parameter, allowing direct manipulation of SQL queries. This vulnerability affects WeGIA versions prior to 3.2.9 and has been patched in version 3.2.10.
Exploitation of this vulnerability allows for unauthorized access to sensitive data, such as credentials and personal information, and could lead to a complete database dump. This vulnerability is classified as critical, with a CVSS score of 10.0.
The vulnerability can be reproduced by sending a POST request to the adicionar_raca.php endpoint with a crafted 'raca' parameter that includes malicious SQL code. This can be automated using a tool like SQLMap, which can exploit the injection and dump the database.
Users are advised to update to WeGIA version 3.2.10, where this vulnerability has been fixed.
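The defect class described above, as an added illustration that is not WeGIA's own code: a PHP handler that splices the `raca` POST parameter into the SQL string, beside a hardened version that validates the value and passes it as a bound parameter. The table and column names (`raca`, `descricao`), the `mysqli` connection and the endpoint wiring are assumptions.

```php
<?php
// Added example of the vulnerability class; not the WeGIA source.
// Assumed schema: table `raca` with a text column `descricao`.

// Vulnerable pattern: the request value is concatenated into the statement,
// so a quote character in $_POST['raca'] changes what the database executes.
function adicionar_raca_vulneravel(mysqli $db, string $raca): bool
{
    $sql = "INSERT INTO raca (descricao) VALUES ('" . $raca . "')";
    return $db->query($sql) !== false;
}

// Hardened pattern: reject values outside the expected shape, then send the
// value as a bound parameter so it is treated as data, never as SQL.
function adicionar_raca_seguro(mysqli $db, string $raca): bool
{
    $raca = trim($raca);
    // Allow-list: letters (including accented ones), spaces and hyphens, 1-60 chars.
    if (!preg_match('/^[\p{L} \-]{1,60}$/u', $raca)) {
        http_response_code(400);
        return false;
    }
    $stmt = $db->prepare("INSERT INTO raca (descricao) VALUES (?)");
    if ($stmt === false) {
        return false;
    }
    $stmt->bind_param('s', $raca);   // 's' = bind as string
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}

// Assumed request handling for the endpoint; credentials are placeholders.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['raca'])) {
    $db = new mysqli('localhost', 'DB_USER', 'DB_PASSWORD', 'DB_NAME');
    if ($db->connect_error) {
        http_response_code(500);
        exit;
    }
    echo adicionar_raca_seguro($db, (string) $_POST['raca']) ? 'ok' : 'rejeitado';
}
```

The allow-list alone is not the fix; the prepared statement is what stops the parameter from being parsed as SQL, and the validation only narrows what reaches the database.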