CVE-2025-9608

Source
https://cve.org/CVERecord?id=CVE-2025-9608
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-9608.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-9608
Published
2025-08-29T03:02:09.426Z
Modified
2026-07-15T01:49:12.051257085Z
Severity
  • 2.1 (Low) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P CVSS Calculator
Summary
Portabilis i-Educar Formula de Cálculo de Média view sql injection
Details

A vulnerability has been found in Portabilis i-Educar up to 2.10. This affects an unknown part of the file /module/FormulaMedia/view of the component Formula de Cálculo de Média Page. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.

Database specific
{
    "cwe_ids": [
        "CWE-74",
        "CWE-89"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/9xxx/CVE-2025-9608.json",
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "introduced": "2.0"
                },
                {
                    "last_affected": "2.0"
                },
                {
                    "introduced": "2.1"
                },
                {
                    "last_affected": "2.1"
                },
                {
                    "introduced": "2.2"
                },
                {
                    "last_affected": "2.2"
                },
                {
                    "introduced": "2.3"
                },
                {
                    "last_affected": "2.3"
                },
                {
                    "introduced": "2.4"
                },
                {
                    "last_affected": "2.4"
                },
                {
                    "introduced": "2.5"
                },
                {
                    "last_affected": "2.5"
                },
                {
                    "introduced": "2.6"
                },
                {
                    "last_affected": "2.6"
                },
                {
                    "introduced": "2.7"
                },
                {
                    "last_affected": "2.7"
                },
                {
                    "introduced": "2.8"
                },
                {
                    "last_affected": "2.8"
                },
                {
                    "introduced": "2.9"
                },
                {
                    "last_affected": "2.9"
                },
                {
                    "introduced": "2.10"
                },
                {
                    "last_affected": "2.10"
                }
            ],
            "source": "AFFECTED_FIELD"
        }
    ],
    "cna_assigner": "VulDB"
}
References

Affected packages

Git / github.com/portabilis/i-educar

Affected ranges

Type
GIT
Repo
https://github.com/portabilis/i-educar
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Database specific
{
    "cpe": "cpe:2.3:a:portabilis:i-educar:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.10.0"
        }
    ],
    "source": "CPE_RANGE"
}

Affected versions

2.*
2.0.0
2.0.1
2.0.10
2.0.11
2.0.2
2.0.3
2.0.4
2.0.5
2.0.6
2.0.7
2.0.8
2.0.8.1
2.0.9
2.1.0
2.1.1
2.1.10
2.1.11
2.1.12
2.1.13
2.1.14
2.1.15
2.1.16
2.1.17
2.1.18
2.1.19
2.1.2
2.1.20
2.1.21
2.1.23-upgrade
2.1.3
2.1.4
2.1.5
2.1.6
2.1.7
2.1.8
2.1.9
2.10.0
2.2.0
2.2.1
2.2.10
2.2.11
2.2.12
2.2.13
2.2.14
2.2.15
2.2.16
2.2.17
2.2.18
2.2.19
2.2.2
2.2.20
2.2.21-upgrade
2.2.3
2.2.4
2.2.5
2.2.6
2.2.7
2.2.8
2.2.9
2.3.0
2.3.1
2.3.10
2.3.2
2.3.3
2.3.4
2.3.5
2.3.6
2.3.7
2.3.8
2.3.9
2.5.0
2.5.1
2.5.2
2.5.3
2.5.4-upgrade
2.6.0
2.6.1
2.6.2
2.6.3
2.6.4
2.6.5
2.6.6
2.6.7
2.6.8
2.7.0
2.7.1
2.7.2
2.7.3
2.8.0
2.8.0-beta
2.9.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-9608.json"