CVE-2025-70758 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

chetans9 core-php-admin-panel through commit a94a780d6 contains an authentication bypass vulnerability in includes/auth_validate.php. The application sends an H…
High CVSS: 7.5

CVE-2025-70758

chetans9 core-php-admin-panel through commit a94a780d6 contains an authentication bypass vulnerability in includes/auth_validate.php. The application sends an HTTP redirect via header(Location:login.php) when a user is not authenticated but fails to call exit() afterward. This allows remote unauthenticated attackers to access protected pages.customer database.
Vendor
-
Product
-
CWE
CWE-703
Yayın Tarihi
2026-02-03 18:16:18
Güncelleme
2026-02-11 18:16:07
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-703 HIGH 2026

Referanslar

https://github.com/XavLimSG/Vulnerability-Research/tree/main/CVE-2025-70758 https://github.com/chetans9/core-php-admin-panel https://github.com/chetans9/core-php-admin-panel/blob/master/includes/auth_validate.php