2 matches found
CVE-2025-10605
Portabilis i-Educar up to version 2.10 contains a cross-site scripting (XSS) vulnerability in the /agenda_preferencias.php file, caused by improper handling of the tipoacao parameter. The issue can be triggered remotely and has publicly available exploits. Affected systems should be updated to a ...
CVE-2025-9606
A vulnerability was detected in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/agendapreferencias.php. Performing manipulation of the argument codagenda results in sql injection. The attack may be initiated remotely. The exploit is...