Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/11/20 9:36 p.m.4 views

CVE-2025-65024

i-Educar is free, fully online school management software. In versions 2.10.0 and prior, an authenticated time-based SQL injection vulnerability exists in the ieducar/intranet/agendaadmincad.php script. An attacker with access to an authenticated session can execute arbitrary SQL commands against...

7.2CVSS8.3AI score0.00353EPSS
Exploits1References1
EUVD
EUVD
added 2025/11/19 4:2 p.m.3 views

EUVD-2025-198226

i-Educar is free, fully online school management software. In versions 2.10.0 and prior, an authenticated time-based SQL injection vulnerability exists in the ieducar/intranet/agendaadmincad.php script. An attacker with access to an authenticated session can execute arbitrary SQL commands against...

7.2CVSS7.7AI score0.00353EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/11/19 4:2 p.m.10 views

CVE-2025-65024 i-Educar Authenticated Time-based SQL Injection in `agenda_admin_cad.php`

i-Educar is free, fully online school management software. In versions 2.10.0 and prior, an authenticated time-based SQL injection vulnerability exists in the ieducar/intranet/agendaadmincad.php script. An attacker with access to an authenticated session can execute arbitrary SQL commands against...

7.2CVSS0.00353EPSS
Exploits1References2
CVE
CVE
added 2025/11/19 4:2 p.m.14 views

CVE-2025-65024

CVE-2025-65024 affects i-Educar up to version 2.10.0. An authenticated time-based SQL injection exists in ieducar/intranet/agenda_admin_cad.php where the cod_agenda GET parameter is directly concatenated into an SQL query. This allows an authenticated user to execute arbitrary SQL against the dat...

7.2CVSS7.9AI score0.00353EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder