CVE-2025-53823

CVE-2025-53823: SQL Injection (Blind Time-Based) Vulnerability in `id_socio` Parameter on `processa_deletar_socio.php` Endpoint

CVE Publication: https://www.cve.org/CVERecord?id=CVE-2025-53823

Summary

A SQL Injection vulnerability was discovered in the id_socio parameter of the /WeGIA/html/socio/sistema/processa_deletar_socio.php endpoint. This vulnerability allows the execution of arbitrary SQL commands, which can compromise the confidentiality, integrity, and availability of stored data.

Details

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
POST /WeGIA/html/socio/sistema/processa_deletar_socio.php HTTP/1.1
Host: sec.wegia.org:8000
Cookie: _ga=GA1.1.1386467242.1751041360; PHPSESSID=dqkolkdi6a6546qv0nnjj0lo86; _ga_F8DXBXLV8J=GS2.1.s1751041359$o1$g1$t1751047102$j12$l0$h0
Content-Length: 24
Sec-Ch-Ua-Platform: "Linux"
Accept-Language: en-US,en;q=0.9
Sec-Ch-Ua: "Not.A/Brand";v="99", "Chromium";v="136"
Sec-Ch-Ua-Mobile: ?0
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
Accept: /
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Origin: https://sec.wegia.org:8000
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://sec.wegia.org:8000/WeGIA/html/socio/sistema/
Accept-Encoding: gzip, deflate, br
Priority: u=1, i
Connection: keep-alive

id_socio=1&pessoa=fisica

PoC

Impact

Unauthorized access to sensitive data (e.g., users, passwords, logs).
Database enumeration (schemas, tables, users, versions).
Escalation to RCE depending on DB configuration (e.g., xp_cmdshell, UDFs).
Full compromise of the application if chained with other vulnerabilities.
This issue affects all users and environments, as it does not require authentication and is reachable via a public endpoint.