744 matches found
CVE-2026-4355
A vulnerability was detected in Portabilis i-Educar 2.11. This impacts an unknown function of the file /intranet/educarservidorcursolst.php of the component Endpoint. Performing a manipulation of the argument Name results in cross site scripting. The attack may be initiated remotely. The exploit ...
EUVD-2026-12686
A vulnerability was detected in Portabilis i-Educar 2.11. This impacts an unknown function of the file /intranet/educarservidorcursolst.php of the component Endpoint. Performing a manipulation of the argument Name results in cross site scripting. The attack may be initiated remotely. The exploit ...
Portábilis i-Educar 代码注入漏洞
Portábilis i-Educar is an application developed by Portábilis Corporation. It can conveniently assist you in basic and technical education. Version 2.11 of Portábilis i-Educar contains a code injection vulnerability. This vulnerability arises from improper handling of the Name parameter in the...
CVE-2026-4355
A vulnerability was detected in Portabilis i-Educar 2.11. This impacts an unknown function of the file /intranet/educarservidorcursolst.php of the component Endpoint. Performing a manipulation of the argument Name results in cross site scripting. The attack may be initiated remotely. The exploit ...
CVE-2026-4355 Portabilis i-Educar Endpoint educar_servidor_curso_lst.php cross site scripting
A vulnerability was detected in Portabilis i-Educar 2.11. This impacts an unknown function of the file /intranet/educarservidorcursolst.php of the component Endpoint. Performing a manipulation of the argument Name results in cross site scripting. The attack may be initiated remotely. The exploit ...
CVE-2026-4355
Portabilis i-Educar 2.11 contains a cross-site scripting vulnerability in the Endpoint component, specifically in the file /intranet/educar_servidor_curso_lst.php where manipulating the Name argument triggers XSS. The attack can be remote, and public exploits exist. Vendor did not respond to disc...
PT-2026-25965
A vulnerability was detected in Portabilis i-Educar 2.11. This impacts an unknown function of the file /intranet/educar servidor curso lst.php of the component Endpoint. Performing a manipulation of the argument Name results in cross site scripting. The attack may be initiated remotely. The explo...
CVE-2026-2015
A weakness has been identified in Portabilis i-Educar up to 2.10. Affected is an unknown function of the file FinalStatusImportService.php of the component Final Status Import. Executing a manipulation of the argument schoolid can lead to improper authorization. The attack can be executed remotel...
CVE-2026-2064
A vulnerability was identified in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/meusdadod.php of the component User Data Page. Such manipulation of the argument File leads to cross site scripting. It is possible to launch the atta...
EUVD-2026-5595
A vulnerability was identified in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/meusdadod.php of the component User Data Page. Such manipulation of the argument File leads to cross site scripting. It is possible to launch the atta...
CVE-2026-2064
CVE-2026-2064 affects Portabilis i-Educar up to version 2.10. The vulnerability is in the file /intranet/meusdadod.php of the User Data Page, where manipulation of the File argument leads to cross-site scripting. It can be exploited remotely and a public exploit exists. Multiple sources confirm t...
CVE-2026-2064
A vulnerability was identified in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/meusdadod.php of the component User Data Page. Such manipulation of the argument File leads to cross site scripting. It is possible to launch the atta...
CVE-2026-2064 Portabilis i-Educar User Data meusdadod.php cross site scripting
A vulnerability was identified in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/meusdadod.php of the component User Data Page. Such manipulation of the argument File leads to cross site scripting. It is possible to launch the atta...
CVE-2026-2064 Portabilis i-Educar User Data meusdadod.php cross site scripting
A vulnerability was identified in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/meusdadod.php of the component User Data Page. Such manipulation of the argument File leads to cross site scripting. It is possible to launch the atta...
CVE-2026-2015
A weakness has been identified in Portabilis i-Educar up to 2.10. Affected is an unknown function of the file FinalStatusImportService.php of the component Final Status Import. Executing a manipulation of the argument schoolid can lead to improper authorization. The attack can be executed remotel...
CVE-2026-2015
A weakness has been identified in Portabilis i-Educar up to 2.10. Affected is an unknown function of the file FinalStatusImportService.php of the component Final Status Import. Executing a manipulation of the argument schoolid can lead to improper authorization. The attack can be executed remotel...
CVE-2026-2015
CVE-2026-2015 affects Portabilis i-Educar up to version 2.10, in the Final Status Import component. The issue is an improper authorization vulnerability exploitable by manipulating the school_id argument inside FinalStatusImportService.php, with remote execution implied. Public PoC/exploit is ava...
EUVD-2026-5684
A weakness has been identified in Portabilis i-Educar up to 2.10. Affected is an unknown function of the file FinalStatusImportService.php of the component Final Status Import. Executing a manipulation of the argument schoolid can lead to improper authorization. The attack can be executed remotel...
CVE-2026-2015 Portabilis i-Educar Final Status Import FinalStatusImportService.php improper authorization
A weakness has been identified in Portabilis i-Educar up to 2.10. Affected is an unknown function of the file FinalStatusImportService.php of the component Final Status Import. Executing a manipulation of the argument schoolid can lead to improper authorization. The attack can be executed remotel...
CVE-2026-2015
A weakness has been identified in Portabilis i-Educar up to 2.10. Affected is an unknown function of the file FinalStatusImportService.php of the component Final Status Import. Executing a manipulation of the argument schoolid can lead to improper authorization. The attack can be executed remotel...