CVE-2025-70147
CVE-2025-70147 affects ProjectWorlds Online Time Table Generator 1.0. The vulnerability is missing authentication on /admin/student.php and /admin/teacher.php, enabling remote attackers to access sensitive data (including plaintext password field values) via direct HTTP GET requests without a val...