CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-7867

A vulnerability has been found in Portabilis i-Educar 2.9.0/2.10.0. This vulnerability affects unknown code of the file /intranet/agenda.php of the component Agenda Module. The manipulation of the argument novo_titulo/novo_descricao leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.2%

CVSS Severity

CVSS v3 Score 3.5

CVSS v2 Score 4.0

References

https://github.com/RaulPazemecxas/PoCVulDb/blob/main/README17.md
https://vuldb.com/?ctiid.316980
https://vuldb.com/?id.316980
https://vuldb.com/?submit.605633
https://vuldb.com/?submit.618639
https://vuldb.com/?submit.628435
https://vuldb.com/?submit.605633

Products affected by CVE-2025-7867

Portabilis » I-Educar » Version: 2.10.0

cpe:2.3:a:portabilis:i-educar:2.10.0
Portabilis » I-Educar » Version: 2.9.0

cpe:2.3:a:portabilis:i-educar:2.9.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-7867

Products

Pricing

Contact Us