A vulnerability, which was classified as critical, has been found in Portabilis i-Educar 2.8.0. This issue affects the function getDocuments of the file /module/Api/InstituicaoDocumentacao?oper=get&resource=getDocuments&instituicao_id. The manipulation of the argument instituicao_id leads to sql injection.

The identification of this vulnerability is CVE-2024-48325. The attack may be initiated remotely. There is no exploit available.