Skip to main content
CVE Vulnerability Database
Vulnerability Database/CVE-2025-70147

CVE-2025-70147: Time Table Generator Info Disclosure Bug

CVE-2025-70147 is an information disclosure vulnerability in ProjectWorlds Online Time Table Generator 1.0 caused by missing authentication. Attackers can access sensitive data including passwords. This article covers technical details, affected versions, impact, and mitigation strategies.

Published:

CVE-2025-70147 Overview

CVE-2025-70147 is a missing authentication vulnerability in ProjectWorlds Online Time Table Generator 1.0. The affected endpoints /admin/student.php and /admin/teacher.php fail to implement proper session validation, allowing unauthenticated remote attackers to access sensitive information including plaintext password field values through direct HTTP GET requests.

Critical Impact

Unauthenticated attackers can directly access administrative endpoints to retrieve sensitive user data including plaintext passwords, potentially compromising all student and teacher accounts in the system.

Affected Products

  • ProjectWorlds Online Time Table Generator 1.0
  • /admin/student.php endpoint
  • /admin/teacher.php endpoint

Discovery Timeline

  • 2026-02-18 - CVE-2025-70147 published to NVD
  • 2026-02-18 - Last updated in NVD database

Technical Details for CVE-2025-70147

Vulnerability Analysis

This vulnerability is classified under CWE-306 (Missing Authentication for Critical Function). The administrative endpoints in the Online Time Table Generator application lack proper authentication checks, meaning any user—including unauthenticated attackers—can directly access these pages without establishing a valid session. The vulnerability is network-accessible, requires no privileges or user interaction to exploit, and results in high confidentiality impact due to the exposure of sensitive user data including plaintext passwords.

Root Cause

The root cause of this vulnerability is the complete absence of session validation logic in the /admin/student.php and /admin/teacher.php files. These PHP scripts do not verify whether the requesting user has an authenticated session before processing the request and returning sensitive data. This is a fundamental broken access control issue where critical administrative functionality is exposed without any authentication gate.

Attack Vector

The attack vector is straightforward: an attacker can simply navigate directly to the vulnerable endpoints using standard HTTP GET requests. No authentication credentials, session tokens, or special headers are required. The attacker receives the full response containing sensitive information including student and teacher records with plaintext password values. This could be performed from any network location that can reach the web application.

The exploitation process involves:

  1. Identifying a target instance of ProjectWorlds Online Time Table Generator 1.0
  2. Sending a direct HTTP GET request to /admin/student.php or /admin/teacher.php
  3. Receiving the full administrative data response including plaintext credentials
  4. Using the harvested credentials for further unauthorized access

Detection Methods for CVE-2025-70147

Indicators of Compromise

  • Unexpected HTTP GET requests to /admin/student.php or /admin/teacher.php from external IP addresses
  • Access to administrative endpoints without corresponding successful login events
  • High volume of requests to admin endpoints from single sources indicating automated credential harvesting
  • Evidence of credential reuse attacks following exposure of plaintext passwords

Detection Strategies

  • Implement web application firewall (WAF) rules to monitor and alert on unauthenticated access attempts to /admin/ paths
  • Configure server access logs to flag requests to sensitive endpoints that lack session cookies or authentication tokens
  • Deploy intrusion detection signatures for HTTP traffic patterns targeting the specific vulnerable endpoints
  • Monitor for anomalous access patterns to administrative functions

Monitoring Recommendations

  • Enable detailed access logging for all requests to the /admin/ directory
  • Implement real-time alerting for any access to /admin/student.php or /admin/teacher.php without valid authentication
  • Review web server logs regularly for evidence of exploitation attempts
  • Monitor for credential stuffing attacks that may indicate previously harvested credentials are being used

How to Mitigate CVE-2025-70147

Immediate Actions Required

  • Restrict network access to the application by placing it behind a VPN or firewall until patched
  • Implement HTTP Basic Authentication at the web server level for the /admin/ directory as a temporary measure
  • Force password resets for all user accounts if there is any indication the vulnerability has been exploited
  • Review access logs to identify potential prior exploitation

Patch Information

No official vendor patch has been identified for this vulnerability at this time. Organizations using ProjectWorlds Online Time Table Generator 1.0 should contact the vendor for remediation guidance or implement the workarounds described below. For more information about the vulnerability, see the Young Kevin CVE-2025-70147 Analysis and the Project Worlds Tool Overview.

Workarounds

  • Add server-level authentication using .htaccess to protect the /admin/ directory
  • Implement network-level restrictions to allow administrative access only from trusted IP addresses
  • Consider taking the application offline if it contains sensitive data until proper authentication can be implemented
  • Manually add PHP session validation code to the vulnerable files as a code-level fix
bash
# Apache .htaccess workaround for /admin/ directory
# Place this file in the /admin/ directory

AuthType Basic
AuthName "Restricted Admin Area"
AuthUserFile /path/to/.htpasswd
Require valid-user

# Deny all requests without authentication
Order deny,allow
Deny from all
Allow from 127.0.0.1
Satisfy any

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the Most Advanced Cybersecurity Platform

See how the world’s most intelligent, autonomous cybersecurity platform can protect your organization today and into the future.