Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

i-Educar — Vulnerabilities & Security Advisories 92

All 92 CVE vulnerabilities found in i-Educar, with AI-generated Chinese analysis, references, and POCs.

Vendor: Portábilis

CVE IDTitleCVSSSeverityPublished
CVE-2026-4355 Portabilis i-Educar Endpoint educar_servidor_curso_lst.php cross site scripting CWE-79 3.5 Low2026-03-17
CVE-2026-2064 Portabilis i-Educar User Data meusdadod.php cross site scripting CWE-79 3.5 Low2026-02-06
CVE-2026-2015 Portabilis i-Educar Final Status Import FinalStatusImportService.php improper authorization CWE-285 6.3 Medium2026-02-06
CVE-2025-9638 i-Educar 2.10.0 - Stored Cross-Site Scripting (XSS) in admin panel CWE-79 5.4AIMediumAI2025-12-09
CVE-2025-65022 i-Educar Authenticated Time-based SQL Injection in `agenda.php` CWE-89 7.2 High2025-11-19
CVE-2025-65023 i-Educar Authenticated Time-based SQL Injection in `funcionario_vinculo_cad.php` CWE-89 7.2 High2025-11-19
CVE-2025-65024 i-Educar Authenticated Time-based SQL Injection in `agenda_admin_cad.php` CWE-89 7.2 High2025-11-19
CVE-2025-11554 Portabilis i-Educar User Type AccessLevelController.php insecure inherited permissions CWE-277 6.3 Medium2025-10-09
CVE-2025-11050 Portabilis i-Educar periodo-lancamento improper authorization CWE-285 6.3 Medium2025-09-27
CVE-2025-11049 Portabilis i-Educar unificacao-aluno improper authorization CWE-285 6.3 Medium2025-09-27
CVE-2025-11048 Portabilis i-Educar consulta-dispensas improper authorization CWE-285 6.3 Medium2025-09-26
CVE-2025-11047 Portabilis i-Educar aluno improper authorization CWE-285 6.3 Medium2025-09-26
CVE-2025-10846 Portabilis i-Educar edit sql injection CWE-89 6.3 Medium2025-09-23
CVE-2025-10845 Portabilis i-Educar view sql injection CWE-89 6.3 Medium2025-09-23
CVE-2025-10844 Portabilis i-Educar aluno sql injection CWE-89 6.3 Medium2025-09-23
CVE-2025-10608 Portabilis i-Educar enrollment-history access control CWE-284 6.3 Medium2025-09-17
CVE-2025-10607 Portabilis i-Educar diarioApi information disclosure CWE-200 4.3 Medium2025-09-17
CVE-2025-10606 Portabilis i-Educar ConfiguracaoMovimentoGeral cross site scripting CWE-79 4.3 Medium2025-09-17
CVE-2025-10605 Portabilis i-Educar agenda_preferencias.php cross site scripting CWE-79 4.3 Medium2025-09-17
CVE-2025-10591 Portabilis i-Educar Editar Função educar_funcao_cad.php cross site scripting CWE-79 3.5 Low2025-09-17
CVE-2025-10590 Portabilis i-Educar educar_usuario_det.php cross site scripting CWE-79 4.3 Medium2025-09-17
CVE-2025-10584 Portabilis i-Educar educar_calendario_anotacao_cad.php cross site scripting CWE-79 3.5 Low2025-09-17
CVE-2025-10373 Portabilis i-Educar educar_turma_tipo_cad.php cross site scripting CWE-79 3.5 Low2025-09-13
CVE-2025-10372 Portabilis i-Educar educar_modulo_cad.php cross site scripting CWE-79 3.5 Low2025-09-13
CVE-2025-10099 Portabilis i-Educar Editar usuário educar_usuario_cad.php cross site scripting CWE-79 2.4 Low2025-09-08
CVE-2025-10074 Portabilis i-Educar tipos cross site scripting CWE-79 3.5 Low2025-09-08
CVE-2025-10073 Portabilis i-Educar turma improper authorization CWE-285 4.3 Medium2025-09-07
CVE-2025-10072 Portabilis i-Educar enturmar access control CWE-284 6.3 Medium2025-09-07
CVE-2025-10071 Portabilis i-Educar cancelar-enturmacao-em-lote access control CWE-284 6.3 Medium2025-09-07
CVE-2025-10070 Portabilis i-Educar enturmacao-em-lote access control CWE-284 6.3 Medium2025-09-07

All 92 known CVE vulnerabilities affecting i-Educar with full Chinese analysis, references, and POCs where available.