CVE-2025-13187 Intelbras ICIP acessodeusuario.xml credentials storage

A security vulnerability has been detected in Intelbras ICIP 2.0.20. Affected is an unknown function of the file /xml/sistema/acessodeusuario.xml. Such manipulation of the argument NomeUsuario/SenhaAcess leads to unprotected storage of credentials. The attack may be launched remotely. The exploit...

CVE-2025-10591 Portabilis i-Educar Editar Função educar_funcao_cad.php cross site scripting

A weakness has been identified in Portabilis i-Educar up to 2.10. This affects an unknown function of the file /intranet/educarfuncaocad.php of the component Editar Função Page. This manipulation of the argument abreviatura/tipoacao causes cross site scripting. The attack is possible to be carrie...

CVE-2025-10071

Portabilis i-Educar versions up to 2.10 are affected by an improper access control flaw in the /cancelar-enturmacao-em-lote/ API endpoint. The issue can be exploited remotely and has public exploitation disclosures. The root cause is access-control weaknesses in the endpoint, enabling unauthorize...

CVE-2025-9104

A flaw has been found in Portabilis i-Diario up to 1.5.0. The affected element is an unknown function of the file /planos-de-aulas-por-disciplina/ of the component Informações Adicionais Page. This manipulation of the argument Parecer/Objeto de Conhecimento/Habilidades causes cross site scripting...

CVE-2025-8920 Portabilis i-Diario Dicionário de Termos BNCC dicionario-de-termos-bncc cross site scripting

A vulnerability was identified in Portabilis i-Diario 1.6. Affected by this vulnerability is an unknown functionality of the file /dicionario-de-termos-bncc of the component Dicionário de Termos BNCC Page. The manipulation of the argument Planos de ensino leads to cross site scripting. The attack...

CVE-2025-8788

A vulnerability was found in Portabilis i-Diario up to 1.5.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /planos-de-aula-por-areas-de-conhecimento/ of the component Informações adicionais. The manipulation of the argument...

CVE-2025-8788 Portabilis i-Diario Informações adicionais planos-de-aula-por-areas-de-conhecimento cross site scripting

A vulnerability was found in Portabilis i-Diario up to 1.5.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /planos-de-aula-por-areas-de-conhecimento/ of the component Informações adicionais. The manipulation of the argument...

Ataque de puerta trasera

¿Qué es una puerta trasera? Un "Acceso Secreto" es una técnica que se utiliza para saltarse la autenticación usual en un sistema, producto o dispositivo. Muchas veces, los creadores de software hacen uso de estos accesos para entrar a programas o sistemas y llevar a cabo ajustes o actualizaciones...

Exploit for Insufficient Verification of Data Authenticity in Rarlab Winrar

Un Hacker En Capital ¡Bienvenido a mi repositorio de GitHub!...

backup-remoto-online.com Cross Site Scripting vulnerability OBB-2863332

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Kia Remoto - Base64 encoded String, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Kia Remoto published at the 'play' market has multiple vulnerabilities...

Remoto - Base64 encoded String, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Remoto published at the 'play' market has multiple vulnerabilities...