CNNVD-202509-819 Information
CNNVD ID
CNNVD-202509-819
Related CVE
- CNNVD Published: 2025-09-05
Description (Chinese)
i-Educar是Portábilis开源的一个免费教育软件。 i-Educar 2.10及之前版本存在安全漏洞,该漏洞源于文件educar_historico_escolar_lst.php中参数ref_cod_aluno的错误操作导致SQL注入。
Description (English)
i-Educar is a free education software from Portábilis. i-Educar 2.10 and previous versions contain a security loophole, which stems from an error in the parameter ref cod aluno in document educar historico escolar lst.php, resulting in the injection of SQL.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Portábilis
Published
2025-09-05
Last Modified
2026-02-24
References
https://github.com/marcelomulder/CVE/blob/main/i-educar/CVE-2025-10012.md https://github.com/marcelomulder/CVE/blob/main/i-educar/SQL%20Injection%20(Blind%20Time-Based)%20Vulnerability%20in%20ref_cod_aluno%20Parameter%20on%20educar_historico_escolar_lst.php%20Endpoint.md https://vuldb.com/?ctiid.322737 https://vuldb.com/?id.322737 https://vuldb.com/?submit.643549
Share on: