4 matches found
CVE-2025-10845
A vulnerability was found in Portabilis i-Educar up to 2.10. This affects an unknown part of the file /module/ComponenteCurricular/view. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has been made public and could be used...
CVE-2025-10845
Portabilis i-Educar (versions up to 2.10) is affected by a SQL injection in the /module/ComponenteCurricular/view path, exploitable via the ID parameter and exploitable remotely. Root cause is improper handling/manipulation of the ID argument. The vulnerability is documented across multiple feeds...
i-Educar SQL注入漏洞
i-Educar is a free educational software from Portábilis Open Source. A SQL injection vulnerability exists in i-Educar version 2.10 and earlier, which stems from incorrect manipulation of the parameter IDs in the file /module/ComponenteCurricular/view, which could lead to a SQL injection attack...
PT-2025-39148
Name of the Vulnerable Software and Affected Versions Portabilis i-Educar versions prior to 2.11 Description A flaw exists in Portabilis i-Educar that allows for remote code execution. The issue stems from a SQL injection vulnerability within the /module/ComponenteCurricular/view file. Manipulati...