Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/11/20 9:36 p.m.7 views

CVE-2025-65023

i-Educar is free, fully online school management software. In versions 2.10.0 and prior, an authenticated time-based SQL injection vulnerability exists in the ieducar/intranet/funcionariovinculocad.php script. An attacker with access to an authenticated session can execute arbitrary SQL commands...

7.2CVSS8.3AI score0.00361EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2025/11/19 4:2 p.m.9 views

CVE-2025-65023 i-Educar Authenticated Time-based SQL Injection in `funcionario_vinculo_cad.php`

i-Educar is free, fully online school management software. In versions 2.10.0 and prior, an authenticated time-based SQL injection vulnerability exists in the ieducar/intranet/funcionariovinculocad.php script. An attacker with access to an authenticated session can execute arbitrary SQL commands...

7.2CVSS7.9AI score0.00361EPSS
Exploits1References2
cve
cve
added 2025/11/19 4:2 p.m.14 views

CVE-2025-65023

The CVE concerns i-Educar (versions 2.10.0 and earlier). An authenticated, time-based SQL injection exists in the ieducar/intranet/funcionario_vinculo_cad.php script, introduced by directly concatenating the GET parameter cod_funcionario_vinculo into an SQL query without sanitization. An attacker...

7.2CVSS7.9AI score0.00361EPSS
Exploits1References2Affected Software1
euvd
euvd
added 2025/11/19 4:2 p.m.4 views

EUVD-2025-198233

i-Educar is free, fully online school management software. In versions 2.10.0 and prior, an authenticated time-based SQL injection vulnerability exists in the ieducar/intranet/funcionariovinculocad.php script. An attacker with access to an authenticated session can execute arbitrary SQL commands...

7.2CVSS7.7AI score0.00361EPSS
Exploits1References2
ptsecurity
ptsecurity
added 2025/11/19 12:0 a.m.3 views

PT-2025-47474

Name of the Vulnerable Software and Affected Versions i-Educar versions prior to 2.10.0 Description i-Educar is school management software. A time-based SQL injection exists in the ieducar/intranet/funcionario vinculo cad.php script for authenticated users. An attacker with an authenticated sessi...

7.2CVSS7.8AI score0.00361EPSS
Exploits1References8
Rows per page
Query Builder