Submit #825224: a4m4 Student-Management-System--PHP- 1.0 Authentication Bypassinfo

Titlea4m4 Student-Management-System--PHP- 1.0 Authentication Bypass
DescriptionThe access control mechanism at the top of almost every file in the `admin/` directory is insufficiently implemented. It checks for a valid session but, after sending a redirect header, fails to terminate script execution: ```php session_start(); if(isset($_SESSION['uid'])){ echo ""; } else { header('location: ../login.php'); } ``` Because there is no exit; or die; statement after the header() call, PHP continues to execute the rest of the script, rendering the full protected page (HTML, forms, sensitive data) and sending it to the client along with the 302 redirect. An attacker can simply ignore the redirect instruction and read the response body, thereby gaining unauthorised access to all administrative functionality.
Source⚠️ https://github.com/a4m4/Student-Management-System--PHP-/issues/2
User
 gscsd (UID 97914)
Submission05/11/2026 05:59 (2 months ago)
Moderation05/31/2026 16:16 (20 days later)
StatusAccepted
VulDB entry367550 [a4m4 Student-Management-System up to f0c5f6842c5e8c431ff02b5260a565ca844df3a0 Admin Endpoint admin/ uid redirect]
Points20

Do you want to use VulDB in your project?

Use the official API to access entries easily!