PT-2025-36225 · Portabilis · Portabilis I-Educar

Marceloqz

Published

2025-09-05

Updated

2025-09-06

CVE-2025-10011

Report an issue

CVSS v2.0

6.5

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions:

Portabilis i-Educar versions up to 2.10

Description:

A weakness exists in Portabilis i-Educar up to version 2.10. The issue is related to SQL injection stemming from manipulation of the `ID` argument within an unknown function of the `/module/TabelaArredondamento/edit` file. Remote exploitation is possible, and the exploit has been publicly released.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

SQL injection

Special Elements Injection

Weakness Enumeration

CWE-89CWE-74

Related Identifiers

CVE-2025-10011

Affected Products

Portabilis I-Educar

PT-2025-36225 · Portabilis · Portabilis I-Educar

Weakness Enumeration

Related Identifiers

Affected Products

References · 8