CVE-2026-4355

A vulnerability was detected in Portabilis i-Educar 2.11. This impacts an unknown function of the file /intranet/educarservidorcursolst.php of the component Endpoint. Performing a manipulation of the argument Name results in cross site scripting. The attack may be initiated remotely. The exploit ...

EUVD-2025-27153

Malicious code in bioql PyPI...

CVE-2025-11050

A flaw has been found in Portabilis i-Educar up to 2.10. This affects an unknown part of the file /periodo-lancamento. Executing manipulation can lead to improper authorization. The attack can be executed remotely. The exploit has been published and may be used...

CVE-2025-10844 Portabilis i-Educar aluno sql injection

A vulnerability has been found in Portabilis i-Educar up to 2.10. Affected by this issue is some unknown functionality of the file /module/Cadastro/aluno. The manipulation of the argument is leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to t...

CVE-2025-10607

A security vulnerability has been detected in Portabilis i-Educar up to 2.10. Impacted is an unknown function of the file /module/Avaliacao/diarioApi. Such manipulation leads to information disclosure. The attack can be executed remotely. The exploit has been disclosed publicly and may be used...

CVE-2025-10608

A vulnerability was detected in Portabilis i-Educar up to 2.10. The affected element is an unknown function of the file /enrollment-history/. Performing manipulation results in improper access controls. The attack is possible to be carried out remotely. The exploit is now public and may be used...

CVE-2025-10605

A security flaw has been discovered in Portabilis i-Educar up to 2.10. This vulnerability affects unknown code of the file /agendapreferencias.php. The manipulation of the argument tipoacao results in cross site scripting. The attack may be launched remotely. The exploit has been released to the...

CVE-2025-10373

A security vulnerability has been detected in Portabilis i-Educar up to 2.10. The affected element is an unknown function of the file /intranet/educarturmatipocad.php. Such manipulation of the argument nmtipo leads to cross site scripting. It is possible to launch the attack remotely. The exploit...

CVE-2025-10072 Portabilis i-Educar enturmar access control

A vulnerability was found in Portabilis i-Educar up to 2.10. This issue affects some unknown processing of the file /matricula/IDSTUDENT/enturmar/. Performing manipulation results in improper access controls. It is possible to initiate the attack remotely. The exploit has been made public and cou...

CVE-2025-10070

A flaw has been found in Portabilis i-Educar up to 2.10. This affects an unknown part of the file /enturmacao-em-lote/. This manipulation causes improper access controls. The attack is possible to be carried out remotely. The exploit has been published and may be used...

PT-2025-36419

Name of the Vulnerable Software and Affected Versions: Portabilis i-Educar versions up to 2.10 Description: A vulnerability exists in Portabilis i-Educar versions up to 2.10 related to improper access controls resulting from manipulation of file processing. The affected file is /matricula/ID...

CVE-2025-10012

A security vulnerability has been detected in Portabilis i-Educar up to 2.10. The impacted element is an unknown function of the file educarhistoricoescolarlst.php. Such manipulation of the argument refcodaluno leads to sql injection. The attack can be executed remotely. The exploit has been...

CVE-2025-10012

Portabilis i-Educar up to 2.10 is affected by an SQL injection in educar_historico_escolar_lst.php via manipulation of the ref_cod_aluno parameter. The issue enables remote exploitation and has been publicly disclosed. Remediation per sources is to upgrade to a version newer than 2.10 or apply th...

CVE-2025-10012 Portabilis i-Educar educar_historico_escolar_lst.php sql injection

A security vulnerability has been detected in Portabilis i-Educar up to 2.10. The impacted element is an unknown function of the file educarhistoricoescolarlst.php. Such manipulation of the argument refcodaluno leads to sql injection. The attack can be executed remotely. The exploit has been...

CVE-2025-9738

A flaw has been found in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/educartipoensinocad.php. Executing manipulation of the argument nmtipo can lead to cross site scripting. The attack can be executed remotely. The exploit has...

CVE-2025-9723

A vulnerability was found in Portabilis i-Educar up to 2.10. This affects an unknown function of the file /intranet/educartiporegimecad.php. Performing manipulation of the argument nmtipo results in cross site scripting. The attack can be initiated remotely. The exploit has been made public and...

CVE-2025-9723

A vulnerability was found in Portabilis i-Educar up to 2.10. This affects an unknown function of the file /intranet/educartiporegimecad.php. Performing manipulation of the argument nmtipo results in cross site scripting. The attack can be initiated remotely. The exploit has been made public and...

CVE-2025-9723

CVE-2025-9723 affects Portabilis i-Educar up to 2.10. The vulnerability is in the file /intranet/educar_tipo_regime_cad.php, where manipulating the argument nm_tipo leads to cross-site scripting. The attack can be initiated remotely and the exploit has been publicized. Affected version is up to 2...

CVE-2025-9722

A vulnerability has been found in Portabilis i-Educar up to 2.10. The impacted element is an unknown function of the file /intranet/educartipoocorrenciadisciplinarcad.php. Such manipulation of the argument nmtipo/descricao leads to cross site scripting. It is possible to launch the attack remotel...

PT-2025-35401

Name of the Vulnerable Software and Affected Versions: Portabilis i-Educar versions up to 2.10 Description: A cross-site scripting issue exists in Portabilis i-Educar. The manipulation of the descricao argument within the /intranet/educar tipo ocorrencia disciplinar cad.php file can lead to...