28 matches found
CVE-2025-9638
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Portabilis i-Educar allows Stored Cross-Site Scripting XSS via the matriculainterna parameter in the educarusuariocad.php endpoint. This issue affects i-Educar: 2.10.0...
EUVD-2025-202286
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Portabilis i-Educar allows Stored Cross-Site Scripting XSS via the matriculainterna parameter in the educarusuariocad.php endpoint. This issue affects i-Educar: 2.10.0...
CVE-2025-9638
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Portabilis i-Educar allows Stored Cross-Site Scripting XSS via the matriculainterna parameter in the educarusuariocad.php endpoint. This issue affects i-Educar: 2.10.0...
CVE-2025-9638
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Portabilis i-Educar allows Stored Cross-Site Scripting XSS via the matriculainterna parameter in the educarusuariocad.php endpoint. This issue affects i-Educar: 2.10.0...
CVE-2025-9638 i-Educar 2.10.0 - Stored Cross-Site Scripting (XSS) in admin panel
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Portabilis i-Educar allows Stored Cross-Site Scripting XSS via the matriculainterna parameter in the educarusuariocad.php endpoint. This issue affects i-Educar: 2.10.0...
CVE-2025-9638 i-Educar 2.10.0 - Stored Cross-Site Scripting (XSS) in admin panel
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Portabilis i-Educar allows Stored Cross-Site Scripting XSS via the matriculainterna parameter in the educarusuariocad.php endpoint. This issue affects i-Educar: 2.10.0...
CVE-2025-9638
Portabilis i-Educar 2.10.0 is affected by CVE-2025-9638. The issue is an Improper Neutralization of Input During Web Page Generation, allowing Stored Cross-Site Scripting via the matricula_interna parameter in educar_usuario_cad.php. No exploitation details are provided in the supplied documents....
i-Educar 安全漏洞
i-Educar is a free educational software from Portábilis Open Source. A security vulnerability exists in i-Educar version 2.10.0, which stems from an improperly entered neutralization of the matriculainterna parameter in the educarusuariocad.php endpoint, which could lead to a stored cross-site...
PT-2025-50091
Name of the Vulnerable Software and Affected Versions Portabilis i-Educar version 2.10.0 Description The software contains an Improper Neutralization of Input During Web Page Generation issue, leading to Stored Cross-Site Scripting XSS. The issue occurs via the matricula interna parameter in the...
EUVD-2025-28888
Malicious code in bioql PyPI...
EUVD-2025-24065
Malicious code in bioql PyPI...
EUVD-2025-27098
Malicious code in bioql PyPI...
Portábilis i-Educar 访问控制错误漏洞
Portábilis i-Educar is an application from Portábilis. It can easily help you with basic and technical education. An access control error vulnerability exists in Portábilis i-Educar version 2.10 and earlier, which stems from improper access control in the file /matricula/IDSTUDENT/enturmar/...
CVE-2025-9760
A weakness has been identified in Portabilis i-Educar up to 2.10. This affects an unknown part of the file /module/Api/matricula of the component Matricula API. Executing manipulation can lead to improper authorization. It is possible to launch the attack remotely. The exploit has been made...
CVE-2025-9760
A weakness has been identified in Portabilis i-Educar up to 2.10. This affects an unknown part of the file /module/Api/matricula of the component Matricula API. Executing manipulation can lead to improper authorization. It is possible to launch the attack remotely. The exploit has been made...
CVE-2025-9760
A weakness has been identified in Portabilis i-Educar up to 2.10. This affects an unknown part of the file /module/Api/matricula of the component Matricula API. Executing manipulation can lead to improper authorization. It is possible to launch the attack remotely. The exploit has been made...
CVE-2025-9760 Portabilis i-Educar Matricula API matricula improper authorization
A weakness has been identified in Portabilis i-Educar up to 2.10. This affects an unknown part of the file /module/Api/matricula of the component Matricula API. Executing manipulation can lead to improper authorization. It is possible to launch the attack remotely. The exploit has been made...
CVE-2025-9760 Portabilis i-Educar Matricula API matricula improper authorization
A weakness has been identified in Portabilis i-Educar up to 2.10. This affects an unknown part of the file /module/Api/matricula of the component Matricula API. Executing manipulation can lead to improper authorization. It is possible to launch the attack remotely. The exploit has been made...
CVE-2025-9760
CVE-2025-9760 affects Portabilis i-Educar up to version 2.10, specifically the Matricula API component (notably the /module/Api/matricula path; some sources also reference /module/Api/aluno). The root cause is improper authorization due to manipulation of the Matricula API, enabling a remote atta...
i-Educar 安全漏洞
i-Educar is a free educational software from Portábilis Open Source. A security vulnerability exists in i-Educar version 2.10 and earlier, which stems from improper authorization due to incorrect manipulation of the component Matricula API in file/module/Api/aluno...