i-Educar 代码注入漏洞
i-Educar is a free educational software from Portábilis Open Source. A code injection vulnerability exists in i-Educar version 2.10 and earlier, which originates from a cross-site scripting attack due to manipulation of the neighborhood name parameter in the file /intranet/educarinstituicaocad.ph...