Aggregator

Submit #604898 / VDB-315025

A vulnerability was found in Portabilis i-Educar 2.9.0. It has been classified as problematic. Affected is an unknown function of the file /module/ComponenteCurricular/edit?id=ID of the component Curricular Components Module. The manipulation of the argument Nome leads to cross site scripting. This vulnerability is traded as CVE-2025-7113. It is possible to launch the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in Portabilis i-Educar 2.9.0 and classified as problematic. This issue affects some unknown processing of the file /intranet/educar_funcao_det.php?cod_funcao=COD&ref_cod_instituicao=COD of the component Function Management Module. The manipulation of the argument Função leads to cross site scripting. The identification of this vulnerability is CVE-2025-7112. The attack may be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability has been found in Portabilis i-Educar 2.9.0 and classified as problematic. This vulnerability affects unknown code of the file /intranet/educar_curso_det.php?cod_curso=ID of the component Course Module. The manipulation of the argument Curso leads to cross site scripting. This vulnerability was named CVE-2025-7111. The attack can be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability, which was classified as problematic, was found in Portabilis i-Educar 2.9.0. This affects an unknown part of the file /intranet/educar_escola_lst.php of the component School Module. The manipulation of the argument Escola leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-7110. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.9.0. Affected by this issue is some unknown functionality of the file /intranet/educar_aluno_beneficio_lst.php of the component Student Benefits Registration. The manipulation of the argument Benefício leads to cross site scripting. This vulnerability is handled as CVE-2025-7109. The attack may be launched remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

Submit #604879 / VDB-315024

Submit #604824 / VDB-315023

Submit #604822 / VDB-315022

Submit #604802 / VDB-315021

Submit #604790 / VDB-315020

A vulnerability classified as problematic was found in Communigate Pro up to 6.2.0. Affected by this vulnerability is an unknown functionality of the component WebMail. The manipulation leads to cross site scripting (Stored). This vulnerability is known as CVE-2017-16962. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in Wibu-Systems CodeMeter up to 6.50a. Affected is an unknown function of the file actions/ChangeConfiguration.html of the component Advanced Settings. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2017-13754. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Jorani 0.6.5. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument Language as part of Parameter leads to cross site scripting (Persistent). This vulnerability is handled as CVE-2018-15917. The attack may be launched remotely. Furthermore, there is an exploit available.

热热热，怎么破？阅读写作，心静自然凉

当前环境异常，请完成验证以继续访问。

第一届OpenHarmony CTF专题赛RE题解

A vulnerability was found in Microsoft Windows up to Vista and classified as problematic. Affected by this issue is some unknown functionality of the component Kernel Mode Driver. The manipulation leads to use after free. This vulnerability is handled as CVE-2015-1726. Attacking locally is a requirement. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

2025H&NCTF-Misc&取证&OSINT全解

A vulnerability classified as critical has been found in Jorani 0.6.5. This affects an unknown part of the component Error Handler. The manipulation of the argument enddate leads to sql injection. This vulnerability is uniquely identified as CVE-2018-15918. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.