Featured image of post CVE-2025-61605
SQL Injection Critical WeGia Security WebApp

CVE-2025-61605

SQL Injection

CVE-2025-61605: SQL Injection (Blind Time-Based) Vulnerability in descricao Parameter on /controle/control.php Endpoint

CVE Publication: https://www.cve.org/CVERecord?id=CVE-2025-61605

Summary

A SQL Injection vulnerability was discovered in the descricao parameter of the /controle/control.php endpoint. This issue allows any attacker to inject arbitrary SQL queries, potentially leading to unauthorized data access or further exploitation depending on database configuration.

Details

The application fails to properly sanitize user-supplied input in the descricao parameter. As a result, specially crafted SQL payloads are interpreted directly by the backend database.

PoC

Vulnerable Endpoint: /controle/control.php

Parameter: descricao

Payload:

1

'%20AND%20SLEEP(5)%20AND%20'1'%3D'1'--%20-

Observe the time delay in the server response, indicating the successful execution of the SQL payload.

Impact

  • Unauthorized access to sensitive data (e.g., users, passwords, logs).
  • Database enumeration (schemas, tables, users, versions).
  • Escalation to RCE depending on DB configuration (e.g., xp_cmdshell, UDFs).
  • Full compromise of the application if chained with other vulnerabilities.
  • This issue affects all users and environments, as it does not require authentication and is reachable via a public endpoint.

Reference

https://github.com/LabRedesCefetRJ/WeGIA/security/advisories/GHSA-v8hm-pq8g-c7j4

Finder

Marcelo Queiroz

By: CVE-Hunters

© 2020 - 2025 CVE-Hunters
Built with Hugo
Theme Stack designed by Jimmy