Approved changes feed: RSS · Atom

cpe:2.3:a:project_worlds:online_time_table_generator:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorProject Worlds (9a714a5b-bbd6-5405-8692-fd5216acc0a5)
ProductOnline Time Table Generator (10677822-3142-523b-bcf7-59edb7b8c4a0)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-3042 vulnerable 2026-06-08 07:23:07.874332 Project Worlds Online Time Table Generator updateprofile.php unrestricted upload
MEDIUM (6.3)
A vulnerability classified as critical was found in Project Worlds Online Time Table Generator 1.0. This vulnerability affects unknown code of the file /student/updateprofile.php. The manipulation of the argument pic leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-04-01T00:00:10.967Z
Updated: 2025-04-01T03:48:37.446Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-3041 vulnerable 2026-06-08 07:23:07.873932 Project Worlds Online Time Table Generator updatestudent.php unrestricted upload
MEDIUM (6.3)
A vulnerability classified as critical has been found in Project Worlds Online Time Table Generator 1.0. This affects an unknown part of the file /admin/updatestudent.php. The manipulation of the argument pic leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-03-31T23:31:04.411Z
Updated: 2025-04-01T03:50:36.470Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-3040 vulnerable 2026-06-08 07:23:07.872395 Project Worlds Online Time Table Generator add_student.php unrestricted upload
MEDIUM (6.3)
A vulnerability was found in Project Worlds Online Time Table Generator 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/add_student.php. The manipulation of the argument pic leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-03-31T23:00:11.861Z
Updated: 2025-04-01T03:51:50.285Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-2662 vulnerable 2026-06-08 07:16:58.001437 Project Worlds Online Time Table Generator studentdashboard.php sql injection
MEDIUM (6.3)
A vulnerability was found in Project Worlds Online Time Table Generator 1.0. It has been classified as critical. Affected is an unknown function of the file student/studentdashboard.php. The manipulation of the argument course leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-03-23T20:00:09.228Z
Updated: 2025-03-24T16:36:42.643Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-2661 vulnerable 2026-06-08 07:16:58.000745 Project Worlds Online Time Table Generator index.php sql injection
HIGH (7.3)
A vulnerability was found in Project Worlds Online Time Table Generator 1.0 and classified as critical. This issue affects some unknown processing of the file /staff/index.php. The manipulation of the argument e leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Published: 2025-03-23T19:31:04.626Z
Updated: 2025-03-24T16:55:20.121Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-2660 vulnerable 2026-06-08 07:16:58.000336 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-2659 vulnerable 2026-06-08 07:16:57.998539 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-10447 vulnerable 2026-06-08 06:23:46.602231 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-10446 vulnerable 2026-06-08 06:23:46.600428 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-0730 vulnerable 2026-06-08 06:22:02.014960 db.gcve.eu details were skipped to keep the page responsive. Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.