Projectworlds Online Time Table Generator 1.0
Approved changes feed: RSS · Atom
cpe:2.3:a:projectworlds:online_time_table_generator:1.0:*:*:*:*:*:*:*
part: a version: 1.0 update: *
| Vendor | Projectworlds (1c49ba31-3767-5ff6-9610-c6dcb2aee835) |
|---|---|
| Product | Online Time Table Generator (df371848-ac22-5a65-98e4-db2a67050936) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-70147 |
vulnerable | 2026-06-03 15:12:29.597565 |
Details available
Missing authentication in /admin/student.php and /admin/teacher.php in ProjectWorlds Online Time Table Generator 1.0 allows remote attackers to obtain sensitive information (including plaintext password field values) via direct HTTP GET requests to these endpoints without a valid session.
Published: 2026-02-18T00:00:00.000Z
Updated: 2026-02-18T18:34:45.204Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-70146 |
vulnerable | 2026-06-03 15:12:29.597182 |
Details available
Missing authentication in multiple administrative action scripts under /admin/ in ProjectWorlds Online Time Table Generator 1.0 allows remote attackers to perform unauthorized administrative operations (e.g.,adding records, deleting records) via direct HTTP requests to affected endpoints without a valid session.
Published: 2026-02-18T00:00:00.000Z
Updated: 2026-02-18T18:37:34.885Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-5008 |
vulnerable | 2026-06-03 15:06:26.734496 |
projectworlds Online Time Table Generator add_teacher.php sql injection
HIGH (7.3)
A vulnerability was found in projectworlds Online Time Table Generator 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/add_teacher.php. The manipulation of the argument e leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.
Published: 2025-05-20T23:00:12.480Z
Updated: 2025-05-21T22:45:55.825Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-5004 |
vulnerable | 2026-06-03 15:06:26.727084 |
projectworlds Online Time Table Generator add_course.php sql injection
HIGH (7.3)
A vulnerability was found in projectworlds Online Time Table Generator 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/add_course.php. The manipulation of the argument c/subname leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-05-20T22:31:04.152Z
Updated: 2025-05-21T14:11:50.255Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-5003 |
vulnerable | 2026-06-03 15:06:26.726589 |
projectworlds Online Time Table Generator semester_ajax.php sql injection
HIGH (7.3)
A vulnerability has been found in projectworlds Online Time Table Generator 1.0 and classified as critical. This vulnerability affects unknown code of the file /semester_ajax.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-05-20T22:00:13.596Z
Updated: 2025-05-21T14:13:26.436Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-3042 |
vulnerable | 2026-06-03 15:01:03.436689 |
Project Worlds Online Time Table Generator updateprofile.php unrestricted upload
MEDIUM (6.3)
A vulnerability classified as critical was found in Project Worlds Online Time Table Generator 1.0. This vulnerability affects unknown code of the file /student/updateprofile.php. The manipulation of the argument pic leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-04-01T00:00:10.967Z
Updated: 2025-04-01T03:48:37.446Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-3041 |
vulnerable | 2026-06-03 15:01:03.436208 |
Project Worlds Online Time Table Generator updatestudent.php unrestricted upload
MEDIUM (6.3)
A vulnerability classified as critical has been found in Project Worlds Online Time Table Generator 1.0. This affects an unknown part of the file /admin/updatestudent.php. The manipulation of the argument pic leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-03-31T23:31:04.411Z
Updated: 2025-04-01T03:50:36.470Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-3040 |
vulnerable | 2026-06-03 15:01:03.435722 |
Project Worlds Online Time Table Generator add_student.php unrestricted upload
MEDIUM (6.3)
A vulnerability was found in Project Worlds Online Time Table Generator 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/add_student.php. The manipulation of the argument pic leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-03-31T23:00:11.861Z
Updated: 2025-04-01T03:51:50.285Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-2662 |
vulnerable | 2026-06-03 15:00:26.211683 |
Project Worlds Online Time Table Generator studentdashboard.php sql injection
MEDIUM (6.3)
A vulnerability was found in Project Worlds Online Time Table Generator 1.0. It has been classified as critical. Affected is an unknown function of the file student/studentdashboard.php. The manipulation of the argument course leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-03-23T20:00:09.228Z
Updated: 2025-03-24T16:36:42.643Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-2661 |
vulnerable | 2026-06-03 15:00:26.211313 |
Project Worlds Online Time Table Generator index.php sql injection
HIGH (7.3)
A vulnerability was found in Project Worlds Online Time Table Generator 1.0 and classified as critical. This issue affects some unknown processing of the file /staff/index.php. The manipulation of the argument e leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-03-23T19:31:04.626Z
Updated: 2025-03-24T16:55:20.121Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-2660 |
vulnerable | 2026-06-03 15:00:26.210795 |
Project Worlds Online Time Table Generator index.php sql injection
HIGH (7.3)
A vulnerability has been found in Project Worlds Online Time Table Generator 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument e leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-03-23T19:00:06.766Z
Updated: 2025-03-24T17:03:21.581Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-2659 |
vulnerable | 2026-06-03 15:00:26.210307 |
Project Worlds Online Time Table Generator index.php sql injection
HIGH (7.3)
A vulnerability, which was classified as critical, was found in Project Worlds Online Time Table Generator 1.0. This affects an unknown part of the file /student/index.php. The manipulation of the argument e leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-03-23T18:31:03.927Z
Updated: 2025-03-24T13:47:58.107Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-10447 |
vulnerable | 2026-06-03 14:54:11.744945 |
Project Worlds Online Time Table Generator staffdashboard.php sql injection
MEDIUM (6.3)
A vulnerability classified as critical was found in Project Worlds Online Time Table Generator 1.0. Affected by this vulnerability is an unknown functionality of the file /timetable/staff/staffdashboard.php?info=updateprofile. The manipulation of the argument n leads to sql injection. The attack can be launched remotely.
Published: 2024-10-28T13:00:06.746Z
Updated: 2024-10-28T13:38:45.802Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-10446 |
vulnerable | 2026-06-03 14:54:11.744403 |
Project Worlds Online Time Table Generator admindashboard.php sql injection
MEDIUM (6.3)
A vulnerability classified as critical has been found in Project Worlds Online Time Table Generator 1.0. Affected is an unknown function of the file /timetable/admin/admindashboard.php?info=add_course. The manipulation of the argument c leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Published: 2024-10-28T11:31:05.540Z
Updated: 2024-10-28T11:59:31.911Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-0730 |
vulnerable | 2026-06-03 14:54:03.484935 |
Project Worlds Online Time Table Generator course_ajax.php sql injection
MEDIUM (6.3)
A vulnerability, which was classified as critical, was found in Project Worlds Online Time Table Generator 1.0. This affects an unknown part of the file course_ajax.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251553 was assigned to this vulnerability.
Published: 2024-01-19T19:00:05.542Z
Updated: 2024-11-13T17:39:07.617Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.