Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

i-Educar — Vulnerabilities & Security Advisories 92

All 92 CVE vulnerabilities found in i-Educar, with AI-generated Chinese analysis, references, and POCs.

This page catalogs common vulnerability weaknesses affecting the i-Educar educational management software product. It aggregates data on security flaws identified within this specific software ecosystem, focusing on the technical details and remediation guidance associated with each reported issue. The content includes a comprehensive collection of vulnerabilities ranging from injection flaws and cross-site scripting to insecure configurations and authentication bypasses. These records cover security incidents discovered and disclosed from the year 2018 through the present day, ensuring that users have access to both historical context and recent threat intelligence. By consulting this resource, stakeholders can effectively track vendor advisories related to i-Educar to ensure timely patching and mitigation efforts. Users can also gain a deeper understanding of common weakness classes prevalent in educational software platforms and analyze how specific attack vectors evolve over time. Furthermore, this aggregation allows administrators and security professionals to look up the complete vulnerability history of the product, providing a clear timeline of past incidents and their resolutions. This centralized view supports risk assessment and compliance auditing by offering a structured overview of the product's security posture. The information presented is derived from standard vulnerability databases and vendor notifications, providing a factual basis for decision-making without speculative commentary. This approach ensures that all listed weaknesses are verified and documented according to established industry standards, facilitating easier integration into existing security monitoring workflows.

Vendor: Portábilis

CVE IDTitleCVSSSeverityPublished
CVE-2026-4355 Portabilis i-Educar Endpoint educar_servidor_curso_lst.php cross site scripting CWE-79 3.5 Low2026-03-17
CVE-2026-2064 Portabilis i-Educar User Data meusdadod.php cross site scripting CWE-79 3.5 Low2026-02-06
CVE-2026-2015 Portabilis i-Educar Final Status Import FinalStatusImportService.php improper authorization CWE-285 6.3 Medium2026-02-06
CVE-2025-9638 i-Educar 2.10.0 - Stored Cross-Site Scripting (XSS) in admin panel CWE-79 5.4AIMediumAI2025-12-09
CVE-2025-65022 i-Educar Authenticated Time-based SQL Injection in `agenda.php` CWE-89 7.2 High2025-11-19
CVE-2025-65023 i-Educar Authenticated Time-based SQL Injection in `funcionario_vinculo_cad.php` CWE-89 7.2 High2025-11-19
CVE-2025-65024 i-Educar Authenticated Time-based SQL Injection in `agenda_admin_cad.php` CWE-89 7.2 High2025-11-19
CVE-2025-11554 Portabilis i-Educar User Type AccessLevelController.php insecure inherited permissions CWE-277 6.3 Medium2025-10-09
CVE-2025-11050 Portabilis i-Educar periodo-lancamento improper authorization CWE-285 6.3 Medium2025-09-27
CVE-2025-11049 Portabilis i-Educar unificacao-aluno improper authorization CWE-285 6.3 Medium2025-09-27
CVE-2025-11048 Portabilis i-Educar consulta-dispensas improper authorization CWE-285 6.3 Medium2025-09-26
CVE-2025-11047 Portabilis i-Educar aluno improper authorization CWE-285 6.3 Medium2025-09-26
CVE-2025-10846 Portabilis i-Educar edit sql injection CWE-89 6.3 Medium2025-09-23
CVE-2025-10845 Portabilis i-Educar view sql injection CWE-89 6.3 Medium2025-09-23
CVE-2025-10844 Portabilis i-Educar aluno sql injection CWE-89 6.3 Medium2025-09-23
CVE-2025-10608 Portabilis i-Educar enrollment-history access control CWE-284 6.3 Medium2025-09-17
CVE-2025-10607 Portabilis i-Educar diarioApi information disclosure CWE-200 4.3 Medium2025-09-17
CVE-2025-10606 Portabilis i-Educar ConfiguracaoMovimentoGeral cross site scripting CWE-79 4.3 Medium2025-09-17
CVE-2025-10605 Portabilis i-Educar agenda_preferencias.php cross site scripting CWE-79 4.3 Medium2025-09-17
CVE-2025-10591 Portabilis i-Educar Editar Função educar_funcao_cad.php cross site scripting CWE-79 3.5 Low2025-09-17
CVE-2025-10590 Portabilis i-Educar educar_usuario_det.php cross site scripting CWE-79 4.3 Medium2025-09-17
CVE-2025-10584 Portabilis i-Educar educar_calendario_anotacao_cad.php cross site scripting CWE-79 3.5 Low2025-09-17
CVE-2025-10373 Portabilis i-Educar educar_turma_tipo_cad.php cross site scripting CWE-79 3.5 Low2025-09-13
CVE-2025-10372 Portabilis i-Educar educar_modulo_cad.php cross site scripting CWE-79 3.5 Low2025-09-13
CVE-2025-10099 Portabilis i-Educar Editar usuário educar_usuario_cad.php cross site scripting CWE-79 2.4 Low2025-09-08
CVE-2025-10074 Portabilis i-Educar tipos cross site scripting CWE-79 3.5 Low2025-09-08
CVE-2025-10073 Portabilis i-Educar turma improper authorization CWE-285 4.3 Medium2025-09-07
CVE-2025-10072 Portabilis i-Educar enturmar access control CWE-284 6.3 Medium2025-09-07
CVE-2025-10071 Portabilis i-Educar cancelar-enturmacao-em-lote access control CWE-284 6.3 Medium2025-09-07
CVE-2025-10070 Portabilis i-Educar enturmacao-em-lote access control CWE-284 6.3 Medium2025-09-07

All 92 known CVE vulnerabilities affecting i-Educar with full Chinese analysis, references, and POCs where available.