Portábilis i-Educar 代码注入漏洞

Portábilis i-Educar is an application from Portábilis. It can easily help you with basic and technical education. A code injection vulnerability exists in Portábilis i-Educar version 2.9, which originates from a cross-site scripting attack due to the incorrect operation of the parameter...

CVE-2025-7867

A vulnerability has been found in Portabilis i-Educar 2.9.0/2.10.0. This vulnerability affects unknown code of the file /intranet/agenda.php of the component Agenda Module. The manipulation of the argument novotitulo/novodescricao leads to cross site scripting. It is possible to initiate the atta...

Portábilis i-Educar 代码注入漏洞

Portábilis i-Educar is an application from Portábilis. It can easily help you with basic and technical education. A code injection vulnerability exists in Portabilis i-Educar version 2.9.0, which stems from cross-site scripting due to improper handling of the parameter novotitulo in the file...

MK-AUTH Security Vulnerability

MK-AUTH is an access control system by the individual developer Pedro Filho in Brazil. A security vulnerability exists in MK-AUTH version 19.01 K4.9 and earlier versions, which allows remote attackers to obtain sensitive information such as CPF numbers to the central recibo.php URI via a modified...

LAquis SCADA Web Server relatorioindividual TITULO Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to relatorioindividual.lhtml. When parsing the TITULO...

LAquis SCADA Web Server relatorionome TITULO Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to relatorionome.lhtml. When parsing the TITULO Element,...

Novus 1.0 (notas.asp nota_id) Remote SQL Injection Vulnerability

No description provided by source. Novus - Sistema de administracion y contenido. bug: Sql Inyection. official site: http://novus.com.mx d0rk: "Powered by Novus" free: no system: asp bug found by ka0x D.O.M TEAM we: ka0x, an0de, xarnuz, s0cratex ka0x01atgmail.com tables: 1- anota.notaid 2-...

CVE-2007-3291

Cross-site scripting XSS vulnerability in LiveCMS 3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via an article name, possibly involving the titulo parameter in article.php...

CVE-2007-3291

CVE-2007-3291 describes a cross-site scripting (XSS) flaw in LiveCMS 3.4 and earlier. The vulnerability arises from handling the article name (potentially involving the titulo parameter in article.php), allowing remote attackers to inject arbitrary script/HTML. Evidence from NVD lists a MEDIUM im...

CVE-2007-3291

Cross-site scripting XSS vulnerability in LiveCMS 3.4 and earlier allows remote attackers to inject arbitrary web script or HTML via an article name, possibly involving the titulo parameter in article.php...

Cross site scripting

Cross-site scripting XSS vulnerability in crear.php in ADN Forum 1.0b allows remote attackers to inject arbitrary web script or HTML via the titulo parameter, which is used by the "Topic name" field...

CVE-2006-0124

Cross-site scripting XSS vulnerability in crear.php in ADN Forum 1.0b allows remote attackers to inject arbitrary web script or HTML via the titulo parameter, which is used by the "Topic name" field...