CVE-2026-2015

CVE-2026-2015 affects Portabilis i-Educar up to version 2.10, in the Final Status Import component. The issue is an improper authorization vulnerability exploitable by manipulating the school_id argument inside FinalStatusImportService.php, with remote execution implied. Public PoC/exploit is ava...