High severity7.5NVD Advisory· Published Feb 3, 2026· Updated Apr 15, 2026
CVE-2025-70758
CVE-2025-70758
Description
chetans9 core-php-admin-panel through commit a94a780d6 contains an authentication bypass vulnerability in includes/auth_validate.php. The application sends an HTTP redirect via header(Location:login.php) when a user is not authenticated but fails to call exit() afterward. This allows remote unauthenticated attackers to access protected pages.customer database.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <= a94a780d6
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.