Vendor CVEs
Portabilis
All CVEs
108 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-9738 | Low | 0.23 | 3.5 | 0.00 | Aug 31, 2025 | A flaw has been found in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/educar_tipo_ensino_cad.php. Executing manipulation of the argument nm_tipo can lead to cross site scripting. The attack can be executed… | ||
| CVE-2025-9724 | Low | 0.23 | 3.5 | 0.00 | Aug 31, 2025 | A vulnerability was determined in Portabilis i-Educar up to 2.10. This impacts an unknown function of the file /intranet/educar_nivel_ensino_cad.php. Executing manipulation of the argument nm_nivel/descricao can lead to cross site scripting. The attack can be launched remotely.… | ||
| CVE-2025-9723 | Low | 0.23 | 3.5 | 0.00 | Aug 31, 2025 | A vulnerability was found in Portabilis i-Educar up to 2.10. This affects an unknown function of the file /intranet/educar_tipo_regime_cad.php. Performing manipulation of the argument nm_tipo results in cross site scripting. The attack can be initiated remotely. The exploit has… | ||
| CVE-2025-9722 | Low | 0.23 | 3.5 | 0.00 | Aug 31, 2025 | A vulnerability has been found in Portabilis i-Educar up to 2.10. The impacted element is an unknown function of the file /intranet/educar_tipo_ocorrencia_disciplinar_cad.php. Such manipulation of the argument nm_tipo/descricao leads to cross site scripting. It is possible to… | ||
| CVE-2025-9721 | Low | 0.23 | 3.5 | 0.00 | Aug 31, 2025 | A flaw has been found in Portabilis i-Educar up to 2.10. The affected element is an unknown function of the file /module/FormulaMedia/edit. This manipulation of the argument nome/formulaMedia causes cross site scripting. It is possible to initiate the attack remotely. The… | ||
| CVE-2025-9720 | Low | 0.23 | 3.5 | 0.00 | Aug 31, 2025 | A vulnerability was detected in Portabilis i-Educar up to 2.10. Impacted is an unknown function of the file /module/TabelaArredondamento/edit of the component Cadastrar tabela de arredondamento Page. The manipulation of the argument Nome results in cross site scripting. The… | ||
| CVE-2025-9653 | Low | 0.23 | 3.5 | 0.00 | Aug 29, 2025 | A vulnerability was identified in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/educar_projeto_cad.php of the component Cadastrar projeto Page. Such manipulation of the argument nome/observacao leads to cross… | ||
| CVE-2025-9652 | Low | 0.23 | 3.5 | 0.00 | Aug 29, 2025 | A vulnerability was determined in Portabilis i-Educar up to 2.10. Affected is an unknown function of the file /intranet/educar_transferencia_tipo_cad.php of the component Cadastrar tipo de transferência Page. This manipulation of the argument nm_tipo/desc_tipo causes cross site… | ||
| CVE-2025-9106 | Low | 0.23 | 3.5 | 0.00 | Aug 18, 2025 | A vulnerability was found in Portabilis i-Diario up to 1.5.0. This affects an unknown function of the file /planos-de-ensino-por-disciplina/ of the component Informações Adicionais Page. Performing manipulation of the argument Parecer/Conteúdos/Objetivos results in cross site… | ||
| CVE-2025-9105 | Low | 0.23 | 3.5 | 0.00 | Aug 18, 2025 | A vulnerability has been found in Portabilis i-Diario up to 1.5.0. The impacted element is an unknown function of the file /planos-de-ensino-por-areas-de-conhecimento/ of the component Informações Adicionais Page. Such manipulation of the argument Parecer/Conteúdos/Objetivos… | ||
| CVE-2025-9104 | Low | 0.23 | 3.5 | 0.00 | Aug 18, 2025 | A flaw has been found in Portabilis i-Diario up to 1.5.0. The affected element is an unknown function of the file /planos-de-aulas-por-disciplina/ of the component Informações Adicionais Page. This manipulation of the argument Parecer/Objeto de Conhecimento/Habilidades causes… | ||
| CVE-2025-8788 | Low | 0.23 | 3.5 | 0.00 | Aug 10, 2025 | A vulnerability was found in Portabilis i-Diario up to 1.5.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /planos-de-aula-por-areas-de-conhecimento/ of the component Informações adicionais. The manipulation of the argument… | ||
| CVE-2025-8787 | Low | 0.23 | 3.5 | 0.00 | Aug 10, 2025 | A vulnerability has been found in Portabilis i-Diario up to 1.5.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /registros-de-conteudos-por-disciplina/ of the component Registro das atividades. The manipulation of the… | ||
| CVE-2025-8786 | Low | 0.23 | 3.5 | 0.00 | Aug 10, 2025 | A vulnerability, which was classified as problematic, was found in Portabilis i-Diario up to 1.5.0. Affected is an unknown function of the file /registros-de-conteudos-por-areas-de-conhecimento/ of the component Registro das atividades. The manipulation of the argument Registro… | ||
| CVE-2025-8785 | Low | 0.23 | 3.5 | 0.00 | Aug 10, 2025 | A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar up to 2.9. This issue affects some unknown processing of the file /intranet/educar_usuario_lst.php. The manipulation of the argument nm_pessoa/matricula/matricula_interna leads to cross… | ||
| CVE-2025-8784 | Low | 0.23 | 3.5 | 0.00 | Aug 9, 2025 | A vulnerability classified as problematic was found in Portabilis i-Educar up to 2.9. This vulnerability affects unknown code of the file /intranet/funcionario_vinculo_cad.php of the component Cadastrar Vínculo Page. The manipulation of the argument nome leads to cross site… | ||
| CVE-2025-8511 | Low | 0.23 | 3.5 | 0.00 | Aug 3, 2025 | A vulnerability classified as problematic was found in Portabilis i-Diario 1.5.0. This vulnerability affects unknown code of the file /diario-de-observacoes/ of the component Observações. The manipulation of the argument Descrição leads to cross site scripting. The attack… | ||
| CVE-2025-8510 | Low | 0.23 | 3.5 | 0.00 | Aug 3, 2025 | A vulnerability classified as problematic has been found in Portabilis i-Educar 2.10. This affects the function Gerar of the file ieducar/intranet/educar_matricula_lst.php. The manipulation of the argument ref_cod_aluno leads to cross site scripting. It is possible to initiate… | ||
| CVE-2025-8509 | Low | 0.23 | 3.5 | 0.00 | Aug 3, 2025 | A vulnerability was found in Portabilis i-Educar 2.9. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /intranet/educar_servidor_cad.php. The manipulation of the argument matricula leads to cross site scripting. The attack may be… | ||
| CVE-2025-8508 | Low | 0.23 | 3.5 | 0.00 | Aug 3, 2025 | A vulnerability was found in Portabilis i-Educar 2.9. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /intranet/educar_avaliacao_desempenho_cad.php. The manipulation of the argument titulo_avaliacao/descricao leads to… | ||
| CVE-2025-8507 | Low | 0.23 | 3.5 | 0.00 | Aug 3, 2025 | A vulnerability was found in Portabilis i-Educar 2.9. It has been classified as problematic. Affected is an unknown function of the file /intranet/educar_funcao_lst.php. The manipulation of the argument nm_funcao/abreviatura leads to cross site scripting. It is possible to… | ||
| CVE-2025-8365 | Low | 0.23 | 3.5 | 0.00 | Jul 31, 2025 | A vulnerability was found in Portabilis i-Educar 2.10. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file atendidos_cad.php. The manipulation of the argument nome/nome_social/email leads to cross site scripting. The attack… | ||
| CVE-2025-7872 | Low | 0.23 | 3.5 | 0.00 | Jul 20, 2025 | A vulnerability was found in Portabilis i-Diario 1.5.0 and classified as problematic. This issue affects some unknown processing of the file /justificativas-de-falta. The manipulation of the argument Justificativa leads to cross site scripting. The attack may be initiated… | ||
| CVE-2025-7871 | Low | 0.23 | 3.5 | 0.00 | Jul 20, 2025 | A vulnerability has been found in Portabilis i-Diario 1.5.0 and classified as problematic. This vulnerability affects unknown code of the file /conteudos. The manipulation of the argument filter[by_description] leads to cross site scripting. The attack can be initiated remotely.… | ||
| CVE-2025-7870 | Low | 0.23 | 3.5 | 0.00 | Jul 20, 2025 | A vulnerability, which was classified as problematic, was found in Portabilis i-Diario 1.5.0. This affects an unknown part of the component justificativas-de-falta Endpoint. The manipulation of the argument Anexo leads to cross site scripting. It is possible to initiate the… | ||
| CVE-2025-7869 | Low | 0.23 | 3.5 | 0.00 | Jul 20, 2025 | A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.9.0. Affected by this issue is some unknown functionality of the file intranet/educar_turma_tipo_det.php?cod_turma_tipo=ID of the component Turma Module. The manipulation of the… | ||
| CVE-2025-7868 | Low | 0.23 | 3.5 | 0.00 | Jul 20, 2025 | A vulnerability was found in Portabilis i-Educar up to 2.10. This issue affects some unknown processing of the file /intranet/educar_calendario_dia_motivo_cad.php of the component Calendar Module. The manipulation of the argument Motivo/descricao results in cross site scripting.… | ||
| CVE-2025-7867 | Low | 0.23 | 3.5 | 0.00 | Jul 20, 2025 | A vulnerability has been found in Portabilis i-Educar 2.9.0/2.10.0. This vulnerability affects unknown code of the file /intranet/agenda.php of the component Agenda Module. The manipulation of the argument novo_titulo/novo_descricao leads to cross site scripting. It is possible… | ||
| CVE-2025-7866 | Low | 0.23 | 3.5 | 0.00 | Jul 20, 2025 | A vulnerability was found in Portabilis i-Educar 2.9.0. It has been rated as problematic. This issue affects some unknown processing of the file /intranet/educar_deficiencia_lst.php of the component Disabilities Module. The manipulation of the argument Deficiência ou Transtorno… | ||
| CVE-2025-7113 | Low | 0.23 | 3.5 | 0.00 | Jul 7, 2025 | A vulnerability was found in Portabilis i-Educar 2.9.0. It has been classified as problematic. Affected is an unknown function of the file /module/ComponenteCurricular/edit?id=ID of the component Curricular Components Module. The manipulation of the argument Nome leads to cross… | ||
| CVE-2025-7112 | Low | 0.23 | 3.5 | 0.00 | Jul 7, 2025 | A vulnerability was found in Portabilis i-Educar 2.9.0 and classified as problematic. This issue affects some unknown processing of the file /intranet/educar_funcao_det.php?cod_funcao=COD&ref_cod_instituicao=COD of the component Function Management Module. The manipulation of… | ||
| CVE-2025-7111 | Low | 0.23 | 3.5 | 0.00 | Jul 7, 2025 | A vulnerability has been found in Portabilis i-Educar 2.9.0 and classified as problematic. This vulnerability affects unknown code of the file /intranet/educar_curso_det.php?cod_curso=ID of the component Course Module. The manipulation of the argument Curso leads to cross site… | ||
| CVE-2025-7110 | Low | 0.23 | 3.5 | 0.00 | Jul 7, 2025 | A vulnerability, which was classified as problematic, was found in Portabilis i-Educar 2.9.0. This affects an unknown part of the file /intranet/educar_escola_lst.php of the component School Module. The manipulation of the argument Escola leads to cross site scripting. It is… | ||
| CVE-2025-7109 | Low | 0.23 | 3.5 | 0.00 | Jul 7, 2025 | A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.9.0. Affected by this issue is some unknown functionality of the file /intranet/educar_aluno_beneficio_lst.php of the component Student Benefits Registration. The manipulation of the… | ||
| CVE-2025-10099 | Low | 0.16 | 2.4 | 0.00 | Sep 8, 2025 | A weakness has been identified in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/educar_usuario_cad.php of the component Editar usuário Page. This manipulation of the argument email/data_inicial/data_expiracao… | ||
| CVE-2025-8920 | Low | 0.16 | 2.4 | 0.00 | Aug 13, 2025 | A vulnerability was identified in Portabilis i-Diario 1.6. Affected by this vulnerability is an unknown functionality of the file /dicionario-de-termos-bncc of the component Dicionário de Termos BNCC Page. The manipulation of the argument Planos de ensino leads to cross site… | ||
| CVE-2025-8919 | Low | 0.16 | 2.4 | 0.00 | Aug 13, 2025 | A vulnerability was determined in Portabilis i-Diario up to 1.6. Affected is an unknown function of the file /objetivos-de-aprendizagem-e-habilidades of the component History Page. The manipulation of the argument código/objetivo habilidade leads to cross site scripting. It is… | ||
| CVE-2025-8918 | Low | 0.16 | 2.4 | 0.00 | Aug 13, 2025 | A vulnerability was found in Portabilis i-Educar up to 2.10. This issue affects some unknown processing of the file /intranet/educar_instituicao_cad.php of the component Editar Page. The manipulation of the argument neighborhood name leads to cross site scripting. The attack may… | ||
| CVE-2025-8545 | Low | 0.16 | 2.4 | 0.00 | Aug 5, 2025 | A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.10. Affected by this issue is some unknown functionality of the file /intranet/educar_motivo_afastamento_cad.php. The manipulation of the argument nm_motivo leads to cross site… | ||
| CVE-2025-8544 | Low | 0.16 | 2.4 | 0.00 | Aug 5, 2025 | A vulnerability classified as problematic was found in Portabilis i-Educar 2.10. Affected by this vulnerability is an unknown functionality of the file /module/RegraAvaliacao/edit. The manipulation of the argument nome leads to cross site scripting. The attack can be launched… | ||
| CVE-2025-8543 | Low | 0.16 | 2.4 | 0.00 | Aug 5, 2025 | A vulnerability classified as problematic has been found in Portabilis i-Educar 2.10. Affected is an unknown function of the file /intranet/educar_raca_cad.php. The manipulation of the argument nm_raca leads to cross site scripting. It is possible to launch the attack remotely.… | ||
| CVE-2025-8542 | Low | 0.16 | 2.4 | 0.00 | Aug 5, 2025 | A vulnerability was found in Portabilis i-Educar 2.10. It has been rated as problematic. This issue affects some unknown processing of the file /intranet/empresas_cad.php. The manipulation of the argument fantasia/razao_social leads to cross site scripting. The attack may be… | ||
| CVE-2025-8541 | Low | 0.16 | 2.4 | 0.00 | Aug 5, 2025 | A vulnerability was found in Portabilis i-Educar 2.10. It has been declared as problematic. This vulnerability affects unknown code of the file /intranet/public_uf_cad.php. The manipulation of the argument nome leads to cross site scripting. The attack can be initiated remotely.… | ||
| CVE-2025-8540 | Low | 0.16 | 2.4 | 0.00 | Aug 5, 2025 | A vulnerability was found in Portabilis i-Educar 2.10. It has been classified as problematic. This affects an unknown part of the file /intranet/public_municipio_cad.php. The manipulation of the argument nome leads to cross site scripting. It is possible to initiate the attack… | ||
| CVE-2025-8539 | Low | 0.16 | 2.4 | 0.00 | Aug 5, 2025 | A vulnerability was found in Portabilis i-Educar 2.10 and classified as problematic. Affected by this issue is some unknown functionality of the file /intranet/public_distrito_cad.php. The manipulation of the argument nome leads to cross site scripting. The attack may be… | ||
| CVE-2025-8538 | Low | 0.16 | 2.4 | 0.00 | Aug 5, 2025 | A vulnerability has been found in Portabilis i-Educar 2.10 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /usuarios/tipos/novo. The manipulation of the argument name/description leads to cross site scripting. The attack can… | ||
| CVE-2024-48325 | 0.01 | — | 0.01 | Nov 6, 2024 | Portabilis i-Educar 2.8.0 is vulnerable to SQL Injection in the "getDocuments" function of the "InstituicaoDocumentacaoController" class. The "instituicao_id" parameter in "/module/Api/InstituicaoDocumentacao?oper=get&resource=getDocuments&instituicao_id" is not properly… | |||
| CVE-2025-9638 | 0.00 | — | 0.00 | Dec 9, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Portabilis i-Educar allows Stored Cross-Site Scripting (XSS) via the matricula_interna parameter in the educar_usuario_cad.php endpoint. This issue affects i-Educar: 2.10.0. | |||
| CVE-2025-65022 | 0.00 | — | 0.00 | Nov 19, 2025 | i-Educar is free, fully online school management software. In versions 2.10.0 and prior, an authenticated time-based SQL injection vulnerability exists in the ieducar/intranet/agenda.php script. An attacker with access to an authenticated session can execute arbitrary SQL… | |||
| CVE-2025-65023 | 0.00 | — | 0.00 | Nov 19, 2025 | i-Educar is free, fully online school management software. In versions 2.10.0 and prior, an authenticated time-based SQL injection vulnerability exists in the ieducar/intranet/funcionario_vinculo_cad.php script. An attacker with access to an authenticated session can execute… |
- risk 0.23cvss 3.5epss 0.00
A flaw has been found in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/educar_tipo_ensino_cad.php. Executing manipulation of the argument nm_tipo can lead to cross site scripting. The attack can be executed…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was determined in Portabilis i-Educar up to 2.10. This impacts an unknown function of the file /intranet/educar_nivel_ensino_cad.php. Executing manipulation of the argument nm_nivel/descricao can lead to cross site scripting. The attack can be launched remotely.…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was found in Portabilis i-Educar up to 2.10. This affects an unknown function of the file /intranet/educar_tipo_regime_cad.php. Performing manipulation of the argument nm_tipo results in cross site scripting. The attack can be initiated remotely. The exploit has…
- risk 0.23cvss 3.5epss 0.00
A vulnerability has been found in Portabilis i-Educar up to 2.10. The impacted element is an unknown function of the file /intranet/educar_tipo_ocorrencia_disciplinar_cad.php. Such manipulation of the argument nm_tipo/descricao leads to cross site scripting. It is possible to…
- risk 0.23cvss 3.5epss 0.00
A flaw has been found in Portabilis i-Educar up to 2.10. The affected element is an unknown function of the file /module/FormulaMedia/edit. This manipulation of the argument nome/formulaMedia causes cross site scripting. It is possible to initiate the attack remotely. The…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was detected in Portabilis i-Educar up to 2.10. Impacted is an unknown function of the file /module/TabelaArredondamento/edit of the component Cadastrar tabela de arredondamento Page. The manipulation of the argument Nome results in cross site scripting. The…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was identified in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/educar_projeto_cad.php of the component Cadastrar projeto Page. Such manipulation of the argument nome/observacao leads to cross…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was determined in Portabilis i-Educar up to 2.10. Affected is an unknown function of the file /intranet/educar_transferencia_tipo_cad.php of the component Cadastrar tipo de transferência Page. This manipulation of the argument nm_tipo/desc_tipo causes cross site…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was found in Portabilis i-Diario up to 1.5.0. This affects an unknown function of the file /planos-de-ensino-por-disciplina/ of the component Informações Adicionais Page. Performing manipulation of the argument Parecer/Conteúdos/Objetivos results in cross site…
- risk 0.23cvss 3.5epss 0.00
A vulnerability has been found in Portabilis i-Diario up to 1.5.0. The impacted element is an unknown function of the file /planos-de-ensino-por-areas-de-conhecimento/ of the component Informações Adicionais Page. Such manipulation of the argument Parecer/Conteúdos/Objetivos…
- risk 0.23cvss 3.5epss 0.00
A flaw has been found in Portabilis i-Diario up to 1.5.0. The affected element is an unknown function of the file /planos-de-aulas-por-disciplina/ of the component Informações Adicionais Page. This manipulation of the argument Parecer/Objeto de Conhecimento/Habilidades causes…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was found in Portabilis i-Diario up to 1.5.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /planos-de-aula-por-areas-de-conhecimento/ of the component Informações adicionais. The manipulation of the argument…
- risk 0.23cvss 3.5epss 0.00
A vulnerability has been found in Portabilis i-Diario up to 1.5.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /registros-de-conteudos-por-disciplina/ of the component Registro das atividades. The manipulation of the…
- risk 0.23cvss 3.5epss 0.00
A vulnerability, which was classified as problematic, was found in Portabilis i-Diario up to 1.5.0. Affected is an unknown function of the file /registros-de-conteudos-por-areas-de-conhecimento/ of the component Registro das atividades. The manipulation of the argument Registro…
- risk 0.23cvss 3.5epss 0.00
A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar up to 2.9. This issue affects some unknown processing of the file /intranet/educar_usuario_lst.php. The manipulation of the argument nm_pessoa/matricula/matricula_interna leads to cross…
- risk 0.23cvss 3.5epss 0.00
A vulnerability classified as problematic was found in Portabilis i-Educar up to 2.9. This vulnerability affects unknown code of the file /intranet/funcionario_vinculo_cad.php of the component Cadastrar Vínculo Page. The manipulation of the argument nome leads to cross site…
- risk 0.23cvss 3.5epss 0.00
A vulnerability classified as problematic was found in Portabilis i-Diario 1.5.0. This vulnerability affects unknown code of the file /diario-de-observacoes/ of the component Observações. The manipulation of the argument Descrição leads to cross site scripting. The attack…
- risk 0.23cvss 3.5epss 0.00
A vulnerability classified as problematic has been found in Portabilis i-Educar 2.10. This affects the function Gerar of the file ieducar/intranet/educar_matricula_lst.php. The manipulation of the argument ref_cod_aluno leads to cross site scripting. It is possible to initiate…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was found in Portabilis i-Educar 2.9. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /intranet/educar_servidor_cad.php. The manipulation of the argument matricula leads to cross site scripting. The attack may be…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was found in Portabilis i-Educar 2.9. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /intranet/educar_avaliacao_desempenho_cad.php. The manipulation of the argument titulo_avaliacao/descricao leads to…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was found in Portabilis i-Educar 2.9. It has been classified as problematic. Affected is an unknown function of the file /intranet/educar_funcao_lst.php. The manipulation of the argument nm_funcao/abreviatura leads to cross site scripting. It is possible to…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was found in Portabilis i-Educar 2.10. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file atendidos_cad.php. The manipulation of the argument nome/nome_social/email leads to cross site scripting. The attack…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was found in Portabilis i-Diario 1.5.0 and classified as problematic. This issue affects some unknown processing of the file /justificativas-de-falta. The manipulation of the argument Justificativa leads to cross site scripting. The attack may be initiated…
- risk 0.23cvss 3.5epss 0.00
A vulnerability has been found in Portabilis i-Diario 1.5.0 and classified as problematic. This vulnerability affects unknown code of the file /conteudos. The manipulation of the argument filter[by_description] leads to cross site scripting. The attack can be initiated remotely.…
- risk 0.23cvss 3.5epss 0.00
A vulnerability, which was classified as problematic, was found in Portabilis i-Diario 1.5.0. This affects an unknown part of the component justificativas-de-falta Endpoint. The manipulation of the argument Anexo leads to cross site scripting. It is possible to initiate the…
- risk 0.23cvss 3.5epss 0.00
A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.9.0. Affected by this issue is some unknown functionality of the file intranet/educar_turma_tipo_det.php?cod_turma_tipo=ID of the component Turma Module. The manipulation of the…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was found in Portabilis i-Educar up to 2.10. This issue affects some unknown processing of the file /intranet/educar_calendario_dia_motivo_cad.php of the component Calendar Module. The manipulation of the argument Motivo/descricao results in cross site scripting.…
- risk 0.23cvss 3.5epss 0.00
A vulnerability has been found in Portabilis i-Educar 2.9.0/2.10.0. This vulnerability affects unknown code of the file /intranet/agenda.php of the component Agenda Module. The manipulation of the argument novo_titulo/novo_descricao leads to cross site scripting. It is possible…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was found in Portabilis i-Educar 2.9.0. It has been rated as problematic. This issue affects some unknown processing of the file /intranet/educar_deficiencia_lst.php of the component Disabilities Module. The manipulation of the argument Deficiência ou Transtorno…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was found in Portabilis i-Educar 2.9.0. It has been classified as problematic. Affected is an unknown function of the file /module/ComponenteCurricular/edit?id=ID of the component Curricular Components Module. The manipulation of the argument Nome leads to cross…
- risk 0.23cvss 3.5epss 0.00
A vulnerability was found in Portabilis i-Educar 2.9.0 and classified as problematic. This issue affects some unknown processing of the file /intranet/educar_funcao_det.php?cod_funcao=COD&ref_cod_instituicao=COD of the component Function Management Module. The manipulation of…
- risk 0.23cvss 3.5epss 0.00
A vulnerability has been found in Portabilis i-Educar 2.9.0 and classified as problematic. This vulnerability affects unknown code of the file /intranet/educar_curso_det.php?cod_curso=ID of the component Course Module. The manipulation of the argument Curso leads to cross site…
- risk 0.23cvss 3.5epss 0.00
A vulnerability, which was classified as problematic, was found in Portabilis i-Educar 2.9.0. This affects an unknown part of the file /intranet/educar_escola_lst.php of the component School Module. The manipulation of the argument Escola leads to cross site scripting. It is…
- risk 0.23cvss 3.5epss 0.00
A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.9.0. Affected by this issue is some unknown functionality of the file /intranet/educar_aluno_beneficio_lst.php of the component Student Benefits Registration. The manipulation of the…
- risk 0.16cvss 2.4epss 0.00
A weakness has been identified in Portabilis i-Educar up to 2.10. Affected by this vulnerability is an unknown functionality of the file /intranet/educar_usuario_cad.php of the component Editar usuário Page. This manipulation of the argument email/data_inicial/data_expiracao…
- risk 0.16cvss 2.4epss 0.00
A vulnerability was identified in Portabilis i-Diario 1.6. Affected by this vulnerability is an unknown functionality of the file /dicionario-de-termos-bncc of the component Dicionário de Termos BNCC Page. The manipulation of the argument Planos de ensino leads to cross site…
- risk 0.16cvss 2.4epss 0.00
A vulnerability was determined in Portabilis i-Diario up to 1.6. Affected is an unknown function of the file /objetivos-de-aprendizagem-e-habilidades of the component History Page. The manipulation of the argument código/objetivo habilidade leads to cross site scripting. It is…
- risk 0.16cvss 2.4epss 0.00
A vulnerability was found in Portabilis i-Educar up to 2.10. This issue affects some unknown processing of the file /intranet/educar_instituicao_cad.php of the component Editar Page. The manipulation of the argument neighborhood name leads to cross site scripting. The attack may…
- risk 0.16cvss 2.4epss 0.00
A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.10. Affected by this issue is some unknown functionality of the file /intranet/educar_motivo_afastamento_cad.php. The manipulation of the argument nm_motivo leads to cross site…
- risk 0.16cvss 2.4epss 0.00
A vulnerability classified as problematic was found in Portabilis i-Educar 2.10. Affected by this vulnerability is an unknown functionality of the file /module/RegraAvaliacao/edit. The manipulation of the argument nome leads to cross site scripting. The attack can be launched…
- risk 0.16cvss 2.4epss 0.00
A vulnerability classified as problematic has been found in Portabilis i-Educar 2.10. Affected is an unknown function of the file /intranet/educar_raca_cad.php. The manipulation of the argument nm_raca leads to cross site scripting. It is possible to launch the attack remotely.…
- risk 0.16cvss 2.4epss 0.00
A vulnerability was found in Portabilis i-Educar 2.10. It has been rated as problematic. This issue affects some unknown processing of the file /intranet/empresas_cad.php. The manipulation of the argument fantasia/razao_social leads to cross site scripting. The attack may be…
- risk 0.16cvss 2.4epss 0.00
A vulnerability was found in Portabilis i-Educar 2.10. It has been declared as problematic. This vulnerability affects unknown code of the file /intranet/public_uf_cad.php. The manipulation of the argument nome leads to cross site scripting. The attack can be initiated remotely.…
- risk 0.16cvss 2.4epss 0.00
A vulnerability was found in Portabilis i-Educar 2.10. It has been classified as problematic. This affects an unknown part of the file /intranet/public_municipio_cad.php. The manipulation of the argument nome leads to cross site scripting. It is possible to initiate the attack…
- risk 0.16cvss 2.4epss 0.00
A vulnerability was found in Portabilis i-Educar 2.10 and classified as problematic. Affected by this issue is some unknown functionality of the file /intranet/public_distrito_cad.php. The manipulation of the argument nome leads to cross site scripting. The attack may be…
- risk 0.16cvss 2.4epss 0.00
A vulnerability has been found in Portabilis i-Educar 2.10 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /usuarios/tipos/novo. The manipulation of the argument name/description leads to cross site scripting. The attack can…
- CVE-2024-48325Nov 6, 2024risk 0.01cvss —epss 0.01
Portabilis i-Educar 2.8.0 is vulnerable to SQL Injection in the "getDocuments" function of the "InstituicaoDocumentacaoController" class. The "instituicao_id" parameter in "/module/Api/InstituicaoDocumentacao?oper=get&resource=getDocuments&instituicao_id" is not properly…
- CVE-2025-9638Dec 9, 2025risk 0.00cvss —epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Portabilis i-Educar allows Stored Cross-Site Scripting (XSS) via the matricula_interna parameter in the educar_usuario_cad.php endpoint. This issue affects i-Educar: 2.10.0.
- CVE-2025-65022Nov 19, 2025risk 0.00cvss —epss 0.00
i-Educar is free, fully online school management software. In versions 2.10.0 and prior, an authenticated time-based SQL injection vulnerability exists in the ieducar/intranet/agenda.php script. An attacker with access to an authenticated session can execute arbitrary SQL…
- CVE-2025-65023Nov 19, 2025risk 0.00cvss —epss 0.00
i-Educar is free, fully online school management software. In versions 2.10.0 and prior, an authenticated time-based SQL injection vulnerability exists in the ieducar/intranet/funcionario_vinculo_cad.php script. An attacker with access to an authenticated session can execute…
Page 2 of 3