CVE-2025-9684
Portabilis i-Educar Formula de Cálculo de Média edit sql injection
A vulnerability was determined in Portabilis i-Educar up to 2.10. This affects an unknown part of the file /module/FormulaMedia/edit of the component Formula de Cálculo de Média Page. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Produtos afetados
Portabilis · i-EducarQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://github.com/marcelomulder/CVE/blob/main/i-educar/CVE-2025-9684.mdhttps://github.com/marcelomulder/CVE/blob/main/i-educar/SQL%20Injection%20(Blind%20Time-Based)%20Vulnerability%20in%20%60id%60%20Parameter%20on%20%60.module.FormulaMedia.edit%60%20Endpoint.mdhttps://vuldb.com/?ctiid.321896https://vuldb.com/?id.321896https://vuldb.com/?submit.638574