Lucene search
K

9 matches found

Vulnrichment
Vulnrichment
added 2025/11/19 4:2 p.m.9 views

CVE-2025-65023 i-Educar Authenticated Time-based SQL Injection in `funcionario_vinculo_cad.php`

i-Educar is free, fully online school management software. In versions 2.10.0 and prior, an authenticated time-based SQL injection vulnerability exists in the ieducar/intranet/funcionariovinculocad.php script. An attacker with access to an authenticated session can execute arbitrary SQL commands...

7.2CVSS7.9AI score0.00353EPSS
Exploits1References2
OSV
OSV
added 2025/11/19 4:2 p.m.6 views

CVE-2025-65023 i-Educar Authenticated Time-based SQL Injection in `funcionario_vinculo_cad.php`

i-Educar is free, fully online school management software. In versions 2.10.0 and prior, an authenticated time-based SQL injection vulnerability exists in the ieducar/intranet/funcionariovinculocad.php script. An attacker with access to an authenticated session can execute arbitrary SQL commands...

7.2CVSS8.3AI score0.00353EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/11/19 4:2 p.m.15 views

CVE-2025-65023 i-Educar Authenticated Time-based SQL Injection in `funcionario_vinculo_cad.php`

i-Educar is free, fully online school management software. In versions 2.10.0 and prior, an authenticated time-based SQL injection vulnerability exists in the ieducar/intranet/funcionariovinculocad.php script. An attacker with access to an authenticated session can execute arbitrary SQL commands...

7.2CVSS0.00353EPSS
Exploits1References2
EUVD
EUVD
added 2025/11/19 4:2 p.m.4 views

EUVD-2025-198233

i-Educar is free, fully online school management software. In versions 2.10.0 and prior, an authenticated time-based SQL injection vulnerability exists in the ieducar/intranet/funcionariovinculocad.php script. An attacker with access to an authenticated session can execute arbitrary SQL commands...

7.2CVSS7.7AI score0.00353EPSS
Exploits1References2
CVE
CVE
added 2025/11/19 4:2 p.m.12 views

CVE-2025-65023

The CVE concerns i-Educar (versions 2.10.0 and earlier). An authenticated, time-based SQL injection exists in the ieducar/intranet/funcionario_vinculo_cad.php script, introduced by directly concatenating the GET parameter cod_funcionario_vinculo into an SQL query without sanitization. An attacker...

7.2CVSS7.9AI score0.00353EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2025/11/19 12:0 a.m.3 views

i-Educar 安全漏洞

i-Educar is a free educational software from Portábilis Open Source. A security vulnerability exists in i-Educar version 2.10.0 and earlier, which stems from improper handling of the codfuncionariovinculo parameter and can lead to SQL injection attacks...

7.2CVSS7.6AI score0.00353EPSS
Exploits1References2
OSV
OSV
added 2025/08/09 11:15 p.m.6 views

CVE-2025-8784

A vulnerability classified as problematic was found in Portabilis i-Educar up to 2.9. This vulnerability affects unknown code of the file /intranet/funcionariovinculocad.php of the component Cadastrar Vínculo Page. The manipulation of the argument nome leads to cross site scripting. The attack ca...

5.4CVSS6.4AI score0.00264EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/08/09 11:2 p.m.11 views

CVE-2025-8784 Portabilis i-Educar Cadastrar Vínculo funcionario_vinculo_cad.php cross site scripting

A vulnerability classified as problematic was found in Portabilis i-Educar up to 2.9. This vulnerability affects unknown code of the file /intranet/funcionariovinculocad.php of the component Cadastrar Vínculo Page. The manipulation of the argument nome leads to cross site scripting. The attack ca...

5.1CVSS0.00264EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/08/28 12:0 a.m.4 views

PT-2024-31410 · I-Educar · I-Educar

Name of the Vulnerable Software and Affected Versions: i-Educar versions prior to 2.9 Description: A SQL Injection vulnerability was found in the ieducar/intranet/funcionario vinculo det.php file, which creates the query by concatenating the unsanitized GET parameter cod func, allowing the attack...

8.8CVSS9.1AI score0.00665EPSS
Exploits1References12
Rows per page
Query Builder