Broken Access Control 2

• CVE-2025-70146 - Online Time Table Generator 1.0: Unauthenticated Broken Access Control Allows Arbitrary Deletion Feb 21, 2026
• CVE-2025-70141 - Customer Support System 1.0: Unauthenticated Broken Access Control via ajax.php Feb 18, 2026