Natan Morette

Name of the Vulnerable Software and Affected Versions: Portabilis i-Educar versions up to 2.9.0 Description: A vulnerability exists in Portabilis i-Educar that allows for authorization bypass. The issue affects an unknown part of the file `/module/Api/Diario` within the API Endpoint component and can be exploited remotely. The exploit has been publicly disclosed and may be used. The vendor was contacted regarding this disclosure but did not respond. Recommendations: Versions prior to 2.9.0 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Portabilis i-Educar versions up to 2.9.0 Description: A critical issue exists in Portabilis i-Educar related to improper authorization. The vulnerability is located in the API Endpoint component, specifically within the `/module/Api/pessoa` file. Manipulation of the `ID` argument can lead to unauthorized access. The exploit is publicly available and can be initiated remotely. The vendor was informed of this issue but did not provide a response. Recommendations: Versions prior to 2.9.0: Address improper authorization by validating the `ID` argument in the `/module/Api/pessoa` API Endpoint.

**Name of the Vulnerable Software and Affected Versions** Portabilis i-Educar version 2.10 **Description** A cross-site scripting issue exists due to the improper handling of user-supplied input. Specifically, manipulating the `ref cod matricula` argument with the input "> can trigger the vulnerability. The issue resides within the `/educar aluno lst.php` file. The exploit has been publicly disclosed and may be used. The vendor was contacted but did not respond. **Recommendations** Update to a newer version of Portabilis i-Educar that addresses this issue. As a temporary workaround, sanitize the `ref cod matricula` input to prevent the injection of malicious code.

Name of the Vulnerable Software and Affected Versions: Scada-LTS version 2.7.8.1 Description: A vulnerability exists in Scada-LTS 2.7.8.1 within an unknown functionality of the file `/Scada-LTS/dwr/call/plaincall/WatchListDwr.init.dwr`. Manipulation of this functionality can lead to information disclosure. The attack can be performed remotely. The exploit has been publicly disclosed and may be utilized. The vendor states that the risks associated with this vulnerability appear minimal, as exploitation likely requires administrator permissions, and fixing the vulnerability will not reduce the overall risk from malicious administrator actions. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Portabilis i-Diario version 1.5.0 **Description** A vulnerability exists in Portabilis i-Diario that allows for cross site scripting. The issue affects unknown code within the `/conteudos` file. The `filter[by description]` argument can be manipulated to trigger the vulnerability, and the attack can be initiated remotely. The exploit has been publicly disclosed. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Portabilis i-Diario version 1.5.0 **Description** A problematic issue exists in the justificativas-de-falta component of Portabilis i-Diario. The manipulation of the `Anexo` argument in the justificativas-de-falta Endpoint leads to cross site scripting. This issue can be exploited remotely. The details of the issue have been publicly disclosed, and the vendor was informed but did not respond. **Recommendations** As a mitigation, sanitize or validate the `Anexo` argument within the justificativas-de-falta Endpoint.

**Name of the Vulnerable Software and Affected Versions** Scada-LTS versions up to 2.7.8.1 **Description** A problematic vulnerability exists in Scada-LTS. The issue affects an unknown functionality of the `usersProfiles.shtm` file. Manipulation of the `Username` argument leads to cross-site scripting. The attack can be launched remotely. The exploit has been publicly disclosed. **Recommendations** Versions prior to 2.8.0 are affected.