3 matches found
CVE-2025-70147
Missing authentication in /admin/student.php and /admin/teacher.php in ProjectWorlds Online Time Table Generator 1.0 allows remote attackers to obtain sensitive information including plaintext password field values via direct HTTP GET requests to these endpoints without a valid session...
EUVD-2025-28718
Malicious code in bioql PyPI...
SourceCodester Class Scheduling System 跨站脚本漏洞
Class Scheduling System is a class scheduling system. A cross-site scripting vulnerability exists in Class Scheduling System v1.0, which originates from the lack of effective filtering and escaping of user-supplied data in the AcademicRank parameter of the file /admin/saveteacher.php in the...