CNNVD-202509-922 Information
CNNVD ID
CNNVD-202509-922
Related CVE
- CNNVD Published: 2025-09-05
Description (Chinese)
i-Educar是Portábilis开源的一个免费教育软件。 i-Educar 2.10及之前版本存在安全漏洞,该漏洞源于对文件/module/TabelaArredondamento/edit中参数ID的错误操作导致SQL注入。
Description (English)
i-Educar is a free education software from Portábilis. i-Educar 2.10 and previous versions contain a security loophole, resulting from the mishandling of parameter ID in document/module/Tabela Arredondamento/edit resulting in the injection of SQL.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Portábilis
Published
2025-09-05
Last Modified
2026-02-24
References
https://github.com/marcelomulder/CVE/blob/main/i-educar/CVE-2025-10011.md https://github.com/marcelomulder/CVE/blob/main/i-educar/SQL%20Injection%20(Blind%20Time-Based)%20Vulnerability%20in%20%60id%60%20Parameter%20on%20%60.module.TabelaArredondamento.edit%60%20Endpoint.md https://vuldb.com/?ctiid.322736 https://vuldb.com/?id.322736 https://vuldb.com/?submit.643544
Share on: