WeGIA SQL Injection Vulnerability in get_codigobarras_cobranca.php Endpoint

A SQL injection vulnerability has been identified in the WeGIA application, specifically in the 'get_codigobarras_cobranca.php' endpoint. This vulnerability allows authorized attackers to execute arbitrary SQL queries, potentially leading to unauthorized access to or deletion of sensitive information. The issue arises from inadequate input validation, enabling attackers to manipulate SQL queries and exploit the application's database. This vulnerability affects WeGIA versions through 3.2.11 and has been patched in version 3.2.12.

Impact

Exploitation of this vulnerability allows attackers to execute arbitrary SQL queries, with potential impacts including unauthorized access to sensitive information, deletion of SQL tables, and in some cases, uploading of arbitrary files.

Reproduction

To reproduce this vulnerability, send a GET request to the 'get_codigobarras_cobranca.php' endpoint with a crafted 'codigo' parameter that includes SQL injection payloads. The injected SQL code can be used to manipulate the database query execution, such as by using the 'SLEEP' function to demonstrate the injection.

Remediation

Users are advised to upgrade to WeGIA version 3.2.12, where this vulnerability has been addressed.