7 matches found
CVE-2025-70146
Missing authentication in multiple administrative action scripts under /admin/ in ProjectWorlds Online Time Table Generator 1.0 allows remote attackers to perform unauthorized administrative operations e.g.,adding records, deleting records via direct HTTP requests to affected endpoints without a...
CVE-2025-70147
Missing authentication in /admin/student.php and /admin/teacher.php in ProjectWorlds Online Time Table Generator 1.0 allows remote attackers to obtain sensitive information including plaintext password field values via direct HTTP GET requests to these endpoints without a valid session...
Projectworlds Online Time Table Generator 安全漏洞
Projectworlds Online Time Table Generator is an online schedule generator developed by the Indian company Projectworlds. Version 1.0 of ProjectWorlds Online Time Table Generator has a security vulnerability. This vulnerability stems from the lack of authentication in multiple management scripts,...
CVE-2025-70146
Missing authentication in multiple administrative action scripts under /admin/ in ProjectWorlds Online Time Table Generator 1.0 allows remote attackers to perform unauthorized administrative operations e.g.,adding records, deleting records via direct HTTP requests to affected endpoints without a...
PT-2026-20461
Missing authentication in multiple administrative action scripts under /admin/ in ProjectWorlds Online Time Table Generator 1.0 allows remote attackers to perform unauthorized administrative operations e.g.,adding records, deleting records via direct HTTP requests to affected endpoints without a...
CVE-2025-70146
Missing authentication in multiple administrative action scripts under /admin/ in ProjectWorlds Online Time Table Generator 1.0 allows remote attackers to perform unauthorized administrative operations e.g.,adding records, deleting records via direct HTTP requests to affected endpoints without a...
Projectworlds Online Time Table Generator 注入漏洞
Projectworlds Online Time Table Generator is an online time table generator from Projectworlds India. An injection vulnerability exists in Projectworlds Online Time Table Generator version 1.0, which stems from the fact that incorrect manipulation of parameter e can lead to SQL injection...