CVE-2025-10372 Portabilis i-Educar educar_modulo_cad.php cross site scripting

A weakness has been identified in Portabilis i-Educar up to 2.10. Impacted is an unknown function of the file /intranet/educarmodulocad.php. This manipulation of the argument nmtipo/descricao causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made...

CVE-2025-10372

CVE-2025-10372 affects Portabilis i-Educar up to version 2.10. The vulnerability is an XSS caused by manipulation of the nm_tipo/descricao argument in the file /intranet/educar_modulo_cad.php, which can be triggered remotely. Public exploit code is available. Remediation mentioned across sources ...

CVE-2025-10372 Portabilis i-Educar educar_modulo_cad.php cross site scripting

A weakness has been identified in Portabilis i-Educar up to 2.10. Impacted is an unknown function of the file /intranet/educarmodulocad.php. This manipulation of the argument nmtipo/descricao causes cross site scripting. It is possible to initiate the attack remotely. The exploit has been made...

i-Educar 代码注入漏洞

i-Educar is a free educational software from Portábilis Open Source. A code injection vulnerability exists in i-Educar version 2.10 and earlier, which stems from misuse of the parameter nmtipo/descricao in the file /intranet/educarmodulocad.php, and could lead to a cross-site scripting attack...