Projectworlds

Online Time Table Generator

15 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.1

CVE-2025-70146

Exploit
  • EPSS 0.36%
  • Veröffentlicht 18.02.2026 00:00:00
  • Zuletzt bearbeitet 20.02.2026 20:07:49

Missing authentication in multiple administrative action scripts under /admin/ in ProjectWorlds Online Time Table Generator 1.0 allows remote attackers to perform unauthorized administrative operations (e.g.,adding records, deleting records) via dire...

7.5

CVE-2025-70147

Exploit
  • EPSS 0.18%
  • Veröffentlicht 18.02.2026 00:00:00
  • Zuletzt bearbeitet 20.02.2026 20:07:38

Missing authentication in /admin/student.php and /admin/teacher.php in ProjectWorlds Online Time Table Generator 1.0 allows remote attackers to obtain sensitive information (including plaintext password field values) via direct HTTP GET requests to t...

9.8

CVE-2025-5008

Exploit
  • EPSS 0.07%
  • Veröffentlicht 20.05.2025 23:00:12
  • Zuletzt bearbeitet 28.08.2025 14:43:58

A vulnerability was found in projectworlds Online Time Table Generator 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/add_teacher.php. The manipulation of the argument e leads to sql inject...

9.8

CVE-2025-5004

Exploit
  • EPSS 0.07%
  • Veröffentlicht 20.05.2025 22:31:04
  • Zuletzt bearbeitet 28.08.2025 14:44:28

A vulnerability was found in projectworlds Online Time Table Generator 1.0 and classified as critical. This issue affects some unknown processing of the file /admin/add_course.php. The manipulation of the argument c/subname leads to sql injection. Th...

9.8

CVE-2025-5003

Exploit
  • EPSS 0.07%
  • Veröffentlicht 20.05.2025 22:00:13
  • Zuletzt bearbeitet 28.08.2025 14:44:10

A vulnerability has been found in projectworlds Online Time Table Generator 1.0 and classified as critical. This vulnerability affects unknown code of the file /semester_ajax.php. The manipulation of the argument ID leads to sql injection. The attack...

9.8

CVE-2025-3042

Exploit
  • EPSS 0.33%
  • Veröffentlicht 01.04.2025 01:15:20
  • Zuletzt bearbeitet 09.07.2025 15:38:08

A vulnerability classified as critical was found in Project Worlds Online Time Table Generator 1.0. This vulnerability affects unknown code of the file /student/updateprofile.php. The manipulation of the argument pic leads to unrestricted upload. The...

9.8

CVE-2025-3041

Exploit
  • EPSS 0.33%
  • Veröffentlicht 01.04.2025 00:15:15
  • Zuletzt bearbeitet 09.07.2025 15:45:43

A vulnerability classified as critical has been found in Project Worlds Online Time Table Generator 1.0. This affects an unknown part of the file /admin/updatestudent.php. The manipulation of the argument pic leads to unrestricted upload. It is possi...

9.8

CVE-2025-3040

Exploit
  • EPSS 0.33%
  • Veröffentlicht 31.03.2025 23:15:30
  • Zuletzt bearbeitet 09.07.2025 16:17:32

A vulnerability was found in Project Worlds Online Time Table Generator 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/add_student.php. The manipulation of the argument pic leads to unrestr...

8.8

CVE-2025-2662

Exploit
  • EPSS 0.12%
  • Veröffentlicht 23.03.2025 20:15:12
  • Zuletzt bearbeitet 09.07.2025 01:02:12

A vulnerability was found in Project Worlds Online Time Table Generator 1.0. It has been classified as critical. Affected is an unknown function of the file student/studentdashboard.php. The manipulation of the argument course leads to sql injection....

9.8

CVE-2025-2661

Exploit
  • EPSS 0.09%
  • Veröffentlicht 23.03.2025 19:31:04
  • Zuletzt bearbeitet 09.07.2025 01:11:30

A vulnerability was found in Project Worlds Online Time Table Generator 1.0 and classified as critical. This issue affects some unknown processing of the file /staff/index.php. The manipulation of the argument e leads to sql injection. The attack may...