CNNVD-202602-1022 Information
CNNVD ID
CNNVD-202602-1022
Related CVE
- CNNVD Published: 2026-02-06
Description (Chinese)
Portábilis i-Educar是Portábilis公司的一款应用程序。可以方便地帮助您进行基础教育和技术教育。 Portábilis i-Educar 2.10及之前版本存在授权问题漏洞,该漏洞源于对组件Final Status Import中文件FinalStatusImportService.php的参数school_id的错误操作,可能导致授权不当。
Description (English)
Portábilis i-Educar is a Portábilis application. You can easily be assisted in basic and technical education. Portábilis i-Educar 2.10 and previous versions have a mandate gap, which stems from an error in the use of the parameters of document FinalstatusImportService.php of the component Final Status Import, which may lead to improper authorization.
Hazard Level
High
Vulnerability Type
授权问题
Affected Vendor
Portábilis
Published
2026-02-06
Last Modified
2026-02-24
References
https://github.com/ViniCastro2001/Security_Reports/tree/main/i-educar/BFLA-Final-Status-Import https://github.com/ViniCastro2001/Security_Reports/tree/main/i-educar/BFLA-Final-Status-Import#proof-of-concept-poc https://vuldb.com/?ctiid.344597 https://vuldb.com/?id.344597 https://vuldb.com/?submit.743760
Share on: