Lucene search
K

12 matches found

RedhatCVE
RedhatCVE
added 2025/12/10 4:9 p.m.7 views

CVE-2025-9638

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Portabilis i-Educar allows Stored Cross-Site Scripting XSS via the matriculainterna parameter in the educarusuariocad.php endpoint. This issue affects i-Educar: 2.10.0...

4.8CVSS5.1AI score0.00177EPSS
Exploits1References1
EUVD
EUVD
added 2025/12/09 6:30 p.m.5 views

EUVD-2025-202286

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Portabilis i-Educar allows Stored Cross-Site Scripting XSS via the matriculainterna parameter in the educarusuariocad.php endpoint. This issue affects i-Educar: 2.10.0...

4.8CVSS4.6AI score0.00177EPSS
Exploits1References3
NVD
NVD
added 2025/12/09 4:18 p.m.6 views

CVE-2025-9638

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Portabilis i-Educar allows Stored Cross-Site Scripting XSS via the matriculainterna parameter in the educarusuariocad.php endpoint. This issue affects i-Educar: 2.10.0...

4.8CVSS0.00177EPSS
Exploits1References2
OSV
OSV
added 2025/12/09 4:18 p.m.4 views

CVE-2025-9638

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Portabilis i-Educar allows Stored Cross-Site Scripting XSS via the matriculainterna parameter in the educarusuariocad.php endpoint. This issue affects i-Educar: 2.10.0...

4.8CVSS5AI score
Exploits0References2
Cvelist
Cvelist
added 2025/12/09 3:59 p.m.22 views

CVE-2025-9638 i-Educar 2.10.0 - Stored Cross-Site Scripting (XSS) in admin panel

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Portabilis i-Educar allows Stored Cross-Site Scripting XSS via the matriculainterna parameter in the educarusuariocad.php endpoint. This issue affects i-Educar: 2.10.0...

4.8CVSS0.00177EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/09/19 11:27 a.m.7 views

CVE-2025-10590

A security flaw has been discovered in Portabilis i-Educar up to 2.10. The impacted element is an unknown function of the file /intranet/educarusuariodet.php. The manipulation of the argument refpessoa results in cross site scripting. The attack can be executed remotely. The exploit has been...

6.1CVSS3.9AI score0.00308EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/17 11:2 a.m.1 views

CVE-2025-10590 Portabilis i-Educar educar_usuario_det.php cross site scripting

A security flaw has been discovered in Portabilis i-Educar up to 2.10. The impacted element is an unknown function of the file /intranet/educarusuariodet.php. The manipulation of the argument refpessoa results in cross site scripting. The attack can be executed remotely. The exploit has been...

5.3CVSS5.4AI score0.00308EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/09/08 5:32 p.m.3 views

CVE-2025-10099 Portabilis i-Educar Editar usuário educar_usuario_cad.php cross site scripting

A weakness has been identified in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/educarusuariocad.php of the component Editar usuário Page. This manipulation of the argument email/datainicial/dataexpiracao causes cross site...

4.8CVSS3.1AI score0.00272EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/09/08 5:32 p.m.10 views

CVE-2025-10099 Portabilis i-Educar Editar usuário educar_usuario_cad.php cross site scripting

A weakness has been identified in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/educarusuariocad.php of the component Editar usuário Page. This manipulation of the argument email/datainicial/dataexpiracao causes cross site...

4.8CVSS0.00272EPSS
Exploits1References5
CVE
CVE
added 2025/09/08 5:32 p.m.16 views

CVE-2025-10099

CVE-2025-10099 affects Portabilis i-Educar up to v2.10. The issue is in /intranet/educar_usuario_cad.php (Editar usuário Page); manipulating parameters email, data_inicial, or data_expiracao leads to reflected XSS. Exploitation is remote and public. Some sources indicate versions up to 2.10 with ...

4.8CVSS3.7AI score0.00272EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/08/09 11:32 p.m.3 views

CVE-2025-8785 Portabilis i-Educar educar_usuario_lst.php cross site scripting

A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar up to 2.9. This issue affects some unknown processing of the file /intranet/educarusuariolst.php. The manipulation of the argument nmpessoa/matricula/matriculainterna leads to cross site scripting. The...

5.1CVSS6.3AI score0.00264EPSS
Exploits1References5
CVE
CVE
added 2025/08/09 11:32 p.m.23 views

CVE-2025-8785

CVE-2025-8785 affects Portabilis i-Educar up to 2.9. The issue is a Cross-Site Scripting (XSS) vulnerability in the endpoint /intranet/educar_usuario_lst.php caused by improper handling of the nm_pessoa/matricula/matricula_interna parameters. An attacker can remotely trigger the flaw, and public ...

5.4CVSS6.3AI score0.00264EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder