CNNVD-202508-3611 Information

CNNVD ID

CNNVD-202508-3611

Related CVE

CVE-2025-9606

• CNNVD Published: 2025-08-29

Description (Chinese)

Portábilis i-Educar是Portábilis公司的一款应用程序。可以方便地帮助您进行基础教育和技术教育。 Portábilis i-Educar 2.10及之前版本存在安全漏洞，该漏洞源于文件/intranet/agenda_preferencias.php中参数cod_agenda的错误操作导致SQL注入攻击。

Description (English)

Portábilis i-Educar is a Portábilis application. You can easily be assisted in basic and technical education. The security gap in Portábilis i-Educar 2.10 and earlier versions stems from the error of the parameter cod agenda in document/intranet/agenda preferencias.php, which led to the SQL injection attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Portábilis

Published

2025-08-29

Last Modified

2026-02-24

References

https://vuldb.com/?submit.636577 https://github.com/marcelomulder/CVE/blob/main/i-educar/CVE-2025-9606.md https://vuldb.com/?id.321784 https://vuldb.com/?ctiid.321784 https://github.com/marcelomulder/CVE/blob/main/i-educar/SQL%20Injection%20(Blind%20Time-Based)%20Vulnerability%20in%20cod_agenda%20Parameter%20on%20agenda_preferencias.php%20Endpoint.md#poc https://nvd.nist.gov/vuln/detail/CVE-2025-9606