CVE-2025-8789 | Portabilis i-Educar up to 2.9.0 API Endpoint /module/Api/Diario authorization

Inserito da Angelo Barbosa | Ago 9, 2025 | CVE

A vulnerability was found in Portabilis i-Educar up to 2.9.0. It has been classified as problematic. This affects an unknown part of the file /module/Api/Diario of the component API Endpoint. The manipulation leads to authorization bypass.

This vulnerability is uniquely identified as CVE-2025-8789. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-8789 | Portabilis i-Educar up to 2.9.0 API Endpoint /module/Api/Diario authorization

Post correlati

CVE-2024-10692 | ideaboxcreations PowerPack Elementor Addons Plugin up to 2.8.1 on WordPress authorization (ID 3203205)

CVE-2025-46493 | Crossword Compiler Puzzles Plugin up to 5.3 on WordPress cross site scripting

CVE-2024-36396 | Verint WFO prior 15.2.1030 unrestricted upload

CVE-2023-38019 | IBM SOAR QRadar Plugin App up to 5.0.3 URL path traversal (XFDB-260575)