Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2026-2015
A weakness has been identified in Portabilis i-Educar up to 2.10. Affected is an unknown function of the file FinalStatusImportService.php of the component Final Status Import. Executing a manipulation of the argument school_id can lead to improper authorization. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score
6.3
EPSS Score
0.0
Published
2026-02-06
CVE-2026-2014
A security flaw has been discovered in itsourcecode Student Management System 1.0. This impacts an unknown function of the file /ramonsys/billing/index.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks.
CVSS Score
7.3
EPSS Score
0.0
Published
2026-02-06
CVE-2026-24920
Permission control vulnerability in the AMS module. Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
6.2
EPSS Score
0.0
Published
2026-02-06
CVE-2026-24924
Vulnerability of improper permission control in the print module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVSS Score
6.1
EPSS Score
0.0
Published
2026-02-06
CVE-2026-24927
Out-of-bounds access vulnerability in the frequency modulation module. Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
5.5
EPSS Score
0.0
Published
2026-02-06
CVE-2026-24928
Out-of-bounds write vulnerability in the file system module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVSS Score
5.8
EPSS Score
0.0
Published
2026-02-06
CVE-2026-2013
A vulnerability was identified in itsourcecode Student Management System 1.0. This affects an unknown function of the file /ramonsys/soa/index.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used.
CVSS Score
7.3
EPSS Score
0.0
Published
2026-02-06
CVE-2026-24925
Heap-based buffer overflow vulnerability in the image module. Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
7.3
EPSS Score
0.0
Published
2026-02-06
CVE-2026-24926
Out-of-bounds write vulnerability in the camera module. Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
8.4
EPSS Score
0.0
Published
2026-02-06
CVE-2026-24929
Out-of-bounds read vulnerability in the graphics module. Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
5.9
EPSS Score
0.0
Published
2026-02-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved