Lucene search
K

794 matches found

CVE
CVE
added 2024/08/28 8:17 p.m.53 views

CVE-2024-45057

The CVE-2024-45057 entry describes a Reflected Cross-Site Scripting (XSS) vulnerability in i-Educar prior to v2.9. The issue arises from insufficient validation/sanitization of user-controlled input in the dynamic generation of HTML fields, specifically in the file intranet/include/clsCampos.inc....

6.3CVSS6AI score0.00342EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2024/08/28 8:17 p.m.44 views

CVE-2024-45057 Reflected Cross-Site Scripting in i-Educar

i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. A Reflected Cross-Site Scripting XSS vulnerability was identified in the dynamic generation of HTML fields prior to the 2.9 branch. The file located at...

6.3CVSS0.00342EPSS
Exploits1References2
OSV
OSV
added 2024/08/28 8:17 p.m.19 views

CVE-2024-45057 Reflected Cross-Site Scripting in i-Educar

i-Educar is free, fully online school management software that can be used by school secretaries, teachers, coordinators, and area managers. A Reflected Cross-Site Scripting XSS vulnerability was identified in the dynamic generation of HTML fields prior to the 2.9 branch. The file located at...

6.3CVSS6AI score0.00342EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/08/28 12:0 a.m.3 views

Portábilis i-Educar 安全漏洞

Portábilis i-Educar is an application from Portábilis. It can easily help you with basic and technical education. Portábilis i-Educar has a security vulnerability that stems from the ability to change its user type to administrator...

8.1CVSS8AI score0.01365EPSS
Exploits2References3
CNNVD
CNNVD
added 2024/08/28 12:0 a.m.5 views

Portábilis i-Educar 安全漏洞

Portábilis i-Educar is an application from Portábilis. It can easily help you with basic and technical education. A security vulnerability exists in Portábilis i-Educar that stems from not validating user input...

8.8CVSS8.7AI score0.00665EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/08/28 12:0 a.m.3 views

Portábilis i-Educar 安全漏洞

Portábilis i-Educar is an application from Portábilis. It can easily help you with basic and technical education. A security vulnerability exists in Portábilis i-Educar, which stems from the fact that lack of cleanup of user-controlled parameters used to dynamically generate HTML field values can...

6.3CVSS6.2AI score0.00342EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/08/28 12:0 a.m.4 views

PT-2024-31410 · I-Educar · I-Educar

Name of the Vulnerable Software and Affected Versions: i-Educar versions prior to 2.9 Description: A SQL Injection vulnerability was found in the ieducar/intranet/funcionario vinculo det.php file, which creates the query by concatenating the unsanitized GET parameter cod func, allowing the attack...

8.8CVSS9.1AI score0.00665EPSS
Exploits1References12
Positive Technologies
Positive Technologies
added 2024/08/28 12:0 a.m.6 views

PT-2024-31409 · I-Educar · I-Educar

Name of the Vulnerable Software and Affected Versions: i-Educar versions prior to 2.9 Description: The issue allows an attacker with minimal viewing privileges in the settings section to change their user type to Administrator or another type with super-permissions. This can be achieved through a...

8.1CVSS8.1AI score0.01365EPSS
Exploits2References8
NVD
NVD
added 2023/10/14 11:15 a.m.9 views

CVE-2023-5578

A vulnerability was found in Portábilis i-Educar up to 2.7.5. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file \intranet\agendaimprimir.php of the component HTTP GET Request Handler. The manipulation of the argument codagenda with the inp...

5.4CVSS4.2AI score0.00311EPSS
Exploits0References2
OSV
OSV
added 2023/10/14 11:15 a.m.16 views

CVE-2023-5578

A vulnerability was found in Portábilis i-Educar up to 2.7.5. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file \intranet\agendaimprimir.php of the component HTTP GET Request Handler. The manipulation of the argument codagenda with the inp...

5.4CVSS6.3AI score
Exploits0References2
Prion
Prion
added 2023/10/14 11:15 a.m.16 views

Cross site scripting

A vulnerability was found in Portábilis i-Educar up to 2.7.5. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file \intranet\agendaimprimir.php of the component HTTP GET Request Handler. The manipulation of the argument codagenda with the inp...

4CVSS5.2AI score0.00311EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/10/14 10:31 a.m.16 views

CVE-2023-5578 Portábilis i-Educar HTTP GET Request agenda_imprimir.php cross site scripting

A vulnerability was found in Portábilis i-Educar up to 2.7.5. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file \intranet\agendaimprimir.php of the component HTTP GET Request Handler. The manipulation of the argument codagenda with the inp...

4CVSS5.4AI score0.00311EPSS
Exploits0References2
CVE
CVE
added 2023/10/14 10:31 a.m.71 views

CVE-2023-5578

CVE-2023-5578 affects Portábilis i-Educar up to 2.7.5. The vulnerability is a cross-site scripting flaw in the HTTP GET Request Handler, specifically in the file intranet\agenda_imprimir.php, where the cod_agenda parameter can be injected with a payload like );'> . Remote exploitation is possi...

5.4CVSS4.4AI score0.00311EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/10/14 12:0 a.m.3 views

Portábilis i-Educar Cross-Site Scripting Vulnerability

Portábilis i-Educar is an application from Portábilis. It can easily help you with basic and technical education. A cross-site scripting vulnerability exists in Portábilis i-Educar version 2.7.5, which originates from the presence of an unknown function in the file intranetagendaimprimir.php in t...

5.4CVSS6.1AI score0.00311EPSS
Exploits0References3
Rows per page
Query Builder