5.1
CVE-2025-7870 - Portabilis i-Diario justificativas-de-falta Endpoint cross site scripting
A vulnerability, which was classified as problematic, was found in Portabilis i-Diario 1.5.0. This affects an unknown part of the component justificativas-de-falta Endpoint. The manipulation of the argument Anexo leads to cross site scripting. It is possible to initiate the attack remotely. The expโฆ
5.1
CVE-2025-7869 - Portabilis i-Educar Turma Module educar_turma_tipo_det.php cross site scripting
A vulnerability, which was classified as problematic, has been found in Portabilis i-Educar 2.9.0. Affected by this issue is some unknown functionality of the file intranet/educar_turma_tipo_det.php?cod_turma_tipo=ID of the component Turma Module. The manipulation of the argument nm_tipo leads to cโฆ
5.1
CVE-2025-7868 - Portabilis i-Educar Calendar educar_calendario_dia_motivo_cad.php cross site scripting
A vulnerability was found in Portabilis i-Educar up to 2.10. This issue affects some unknown processing of the file /intranet/educar_calendario_dia_motivo_cad.php of the component Calendar Module. The manipulation of the argument Motivo/descricao results in cross site scripting. It is possible to lโฆ
5.1
CVE-2025-7867 - Portabilis i-Educar Agenda agenda.php cross site scripting
A vulnerability has been found in Portabilis i-Educar 2.9.0/2.10.0. This vulnerability affects unknown code of the file /intranet/agenda.php of the component Agenda Module. The manipulation of the argument novo_titulo/novo_descricao leads to cross site scripting. It is possible to initiate the attaโฆ
5.1
CVE-2025-7866 - Portabilis i-Educar Disabilities Module educar_deficiencia_lst.php cross site scripting
A vulnerability was found in Portabilis i-Educar 2.9.0. It has been rated as problematic. This issue affects some unknown processing of the file /intranet/educar_deficiencia_lst.php of the component Disabilities Module. The manipulation of the argument Deficiรชncia ou Transtorno leads to cross site โฆ
5.1
CVE-2025-7865 - thinkgem JeeSite XSS Filter EncodeUtils.java xssFilter cross site scripting
A vulnerability was found in thinkgem JeeSite up to 5.12.0. It has been declared as problematic. This vulnerability affects the function xssFilter of the file src/main/java/com/jeesite/common/codec/EncodeUtils.java of the component XSS Filter. The manipulation of the argument text leads to cross siโฆ
5.3
CVE-2025-7864 - thinkgem JeeSite FileUploadController.java upload unrestricted upload
A vulnerability was found in thinkgem JeeSite up to 5.12.0. It has been classified as critical. This affects the function Upload of the file src/main/java/com/jeesite/modules/file/web/FileUploadController.java. The manipulation leads to unrestricted upload. It is possible to initiate the attack remโฆ
5.1
CVE-2025-7863 - thinkgem JeeSite ServletUtils.java redirectUrl
A vulnerability was found in thinkgem JeeSite up to 5.12.0 and classified as problematic. Affected by this issue is the function redirectUrl of the file src/main/java/com/jeesite/common/web/http/ServletUtils.java. The manipulation of the argument url leads to open redirect. The attack may be launchโฆ
6.9
CVE-2025-7862 - TOTOLINK T6 Telnet Service cstecgi.cgi setTelnetCfg missing authentication
A vulnerability has been found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical. Affected by this vulnerability is the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component Telnet Service. The manipulation of the argument telnet_enabled with the input 1 leads to misโฆ
9.8
CVE-2025-53770 - Microsoft SharePoint Server Remote Code Execution Vulnerability
Deserialization of untrusted data in on-premises Microsoft SharePoint Server allows an unauthorized attacker to execute code over a network. Microsoft is aware that an exploit for CVE-2025-53770 exists in the wild. Microsoft is preparing and fully testing a comprehensive update to address this vulnโฆ