CNNVD-202508-2363 Information
CNNVD ID
CNNVD-202508-2363
Related CVE
- CNNVD Published: 2025-08-20
Description (Chinese)
Portabilis i‑Diário是巴西Portabilis开源的一个学校教学日历与教师互动管理系统。 Portabilis i‑Diário 2.10及之前版本存在安全漏洞,该漏洞源于对文件/intranet/educar_tipo_usuario_lst.php中参数nm_tipo的错误操作导致SQL注入攻击。
Description (English)
Portabilis i-Diário is an interactive management system for school calendars and teachers that is an open source in Portabilis, Brazil. The security gap in Portabilis i-Diário 2.10 and earlier versions stems from the mishandling of the parameter nm tip in the document/intranet/educar tip usuario lst.php, which led to the injection of SQL.
Hazard Level
High
Vulnerability Type
其他
Published
2025-08-20
Last Modified
2026-02-24
References
https://vuldb.com/?submit.631370 https://vuldb.com/?id.320769 https://vuldb.com/?ctiid.320769 https://github.com/marcelomulder/CVE/blob/main/i-educar/SQL%20Injection%20(Blind%20Time-Based)%20Vulnerability%20in%20nm_tipo%20Parameter%20on%20educar_tipo_usuario_lst.php%20Endpoint.md#poc https://github.com/marcelomulder/CVE/blob/main/i-educar/CVE-2025-9236.md https://vuldb.com/?submit.638555 https://access.redhat.com/security/cve/cve-2025-9236 https://nvd.nist.gov/vuln/detail/CVE-2025-9236
Share on: