Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Portábilis — Vulnerabilities & Security Advisories 107

Browse all 107 CVE security advisories affecting Portábilis. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Portábilis operates as a provider of mobile device management and security solutions, primarily targeting enterprise environments to secure smartphones and tablets. Historical security audits reveal a significant volume of vulnerabilities, with 107 CVEs currently documented, indicating persistent challenges in code quality and secure development practices. The most prevalent flaw categories include remote code execution, cross-site scripting, and privilege escalation, which often stem from inadequate input validation and improper access controls within the application’s web interfaces and backend services. While specific major public breaches involving data exfiltration are not widely reported, the high count of critical severity issues suggests systemic weaknesses in the software lifecycle. These recurring defects pose substantial risks to organizational security postures, necessitating rigorous patch management and continuous vulnerability scanning to mitigate potential exploitation by threat actors seeking unauthorized system access.

Top products by Portábilis: i-Educar i-Diario
CVE IDTitleCVSSSeverityPublished
CVE-2026-4355 Portabilis i-Educar Endpoint educar_servidor_curso_lst.php cross site scripting — i-EducarCWE-79 3.5 Low2026-03-17
CVE-2026-2064 Portabilis i-Educar User Data meusdadod.php cross site scripting — i-EducarCWE-79 3.5 Low2026-02-06
CVE-2026-2015 Portabilis i-Educar Final Status Import FinalStatusImportService.php improper authorization — i-EducarCWE-285 6.3 Medium2026-02-06
CVE-2025-9638 i-Educar 2.10.0 - Stored Cross-Site Scripting (XSS) in admin panel — i-EducarCWE-79 5.4AIMediumAI2025-12-09
CVE-2025-65022 i-Educar Authenticated Time-based SQL Injection in `agenda.php` — i-educarCWE-89 7.2 High2025-11-19
CVE-2025-65023 i-Educar Authenticated Time-based SQL Injection in `funcionario_vinculo_cad.php` — i-educarCWE-89 7.2 High2025-11-19
CVE-2025-65024 i-Educar Authenticated Time-based SQL Injection in `agenda_admin_cad.php` — i-educarCWE-89 7.2 High2025-11-19
CVE-2025-11554 Portabilis i-Educar User Type AccessLevelController.php insecure inherited permissions — i-EducarCWE-277 6.3 Medium2025-10-09
CVE-2025-11050 Portabilis i-Educar periodo-lancamento improper authorization — i-EducarCWE-285 6.3 Medium2025-09-27
CVE-2025-11049 Portabilis i-Educar unificacao-aluno improper authorization — i-EducarCWE-285 6.3 Medium2025-09-27
CVE-2025-11048 Portabilis i-Educar consulta-dispensas improper authorization — i-EducarCWE-285 6.3 Medium2025-09-26
CVE-2025-11047 Portabilis i-Educar aluno improper authorization — i-EducarCWE-285 6.3 Medium2025-09-26
CVE-2025-10846 Portabilis i-Educar edit sql injection — i-EducarCWE-89 6.3 Medium2025-09-23
CVE-2025-10845 Portabilis i-Educar view sql injection — i-EducarCWE-89 6.3 Medium2025-09-23
CVE-2025-10844 Portabilis i-Educar aluno sql injection — i-EducarCWE-89 6.3 Medium2025-09-23
CVE-2025-10608 Portabilis i-Educar enrollment-history access control — i-EducarCWE-284 6.3 Medium2025-09-17
CVE-2025-10607 Portabilis i-Educar diarioApi information disclosure — i-EducarCWE-200 4.3 Medium2025-09-17
CVE-2025-10606 Portabilis i-Educar ConfiguracaoMovimentoGeral cross site scripting — i-EducarCWE-79 4.3 Medium2025-09-17
CVE-2025-10605 Portabilis i-Educar agenda_preferencias.php cross site scripting — i-EducarCWE-79 4.3 Medium2025-09-17
CVE-2025-10591 Portabilis i-Educar Editar Função educar_funcao_cad.php cross site scripting — i-EducarCWE-79 3.5 Low2025-09-17
CVE-2025-10590 Portabilis i-Educar educar_usuario_det.php cross site scripting — i-EducarCWE-79 4.3 Medium2025-09-17
CVE-2025-10584 Portabilis i-Educar educar_calendario_anotacao_cad.php cross site scripting — i-EducarCWE-79 3.5 Low2025-09-17
CVE-2025-10373 Portabilis i-Educar educar_turma_tipo_cad.php cross site scripting — i-EducarCWE-79 3.5 Low2025-09-13
CVE-2025-10372 Portabilis i-Educar educar_modulo_cad.php cross site scripting — i-EducarCWE-79 3.5 Low2025-09-13
CVE-2025-10099 Portabilis i-Educar Editar usuário educar_usuario_cad.php cross site scripting — i-EducarCWE-79 2.4 Low2025-09-08
CVE-2025-10074 Portabilis i-Educar tipos cross site scripting — i-EducarCWE-79 3.5 Low2025-09-08
CVE-2025-10073 Portabilis i-Educar turma improper authorization — i-EducarCWE-285 4.3 Medium2025-09-07
CVE-2025-10072 Portabilis i-Educar enturmar access control — i-EducarCWE-284 6.3 Medium2025-09-07
CVE-2025-10071 Portabilis i-Educar cancelar-enturmacao-em-lote access control — i-EducarCWE-284 6.3 Medium2025-09-07
CVE-2025-10070 Portabilis i-Educar enturmacao-em-lote access control — i-EducarCWE-284 6.3 Medium2025-09-07

This page lists every published CVE security advisory associated with Portábilis. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.