Metrics
Affected Vendors & Products
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Sat, 27 Sep 2025 00:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:portabilis:i-educar:*:*:*:*:*:*:*:* |
Tue, 16 Sep 2025 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability classified as problematic was found in Portabilis i-Educar 2.9.0. Affected by this vulnerability is an unknown functionality of the file /intranet/educar_calendario_dia_motivo_cad.php of the component Calendar Module. The manipulation of the argument Motivo leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | A vulnerability was found in Portabilis i-Educar up to 2.10. This issue affects some unknown processing of the file /intranet/educar_calendario_dia_motivo_cad.php of the component Calendar Module. The manipulation of the argument Motivo/descricao results in cross site scripting. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. |
Title | Portabilis i-Educar Calendar Module educar_calendario_dia_motivo_cad.php cross site scripting | Portabilis i-Educar Calendar educar_calendario_dia_motivo_cad.php cross site scripting |
References |
|
Wed, 13 Aug 2025 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:portabilis:i-educar:2.9.0:*:*:*:*:*:*:* |
Tue, 22 Jul 2025 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Sun, 20 Jul 2025 04:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability classified as problematic was found in Portabilis i-Educar 2.9.0. Affected by this vulnerability is an unknown functionality of the file /intranet/educar_calendario_dia_motivo_cad.php of the component Calendar Module. The manipulation of the argument Motivo leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |
Title | Portabilis i-Educar Calendar Module educar_calendario_dia_motivo_cad.php cross site scripting | |
Weaknesses | CWE-79 CWE-94 |
|
References |
| |
Metrics |
cvssV2_0
|

Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2025-09-16T20:16:06.829Z
Reserved: 2025-07-19T05:52:50.386Z
Link: CVE-2025-7868

Updated: 2025-07-22T13:41:03.089Z

Status : Analyzed
Published: 2025-07-20T05:15:41.927
Modified: 2025-09-27T00:28:21.630
Link: CVE-2025-7868

No data.

Updated: 2025-07-21T15:16:52Z