关键漏洞信息 Title: https://code-projects.org/ Blog Site In PHP With Source Code 1.0 Unauthorized Description: - The file acts as the central administration panel for the blog system, used for publishing, editing, deleting posts, managing comments, and configuring system settings. - The vulnerability arises due to the lack of proper authentication and authorization checks in the file, allowing direct access via URL without verifying the user's login or privileges. - Consequences: - Unauthorized access to the administrative dashboard. - Potential for data leakage, system configuration changes, or content compromise through crafted HTTP GET/POST requests. Source: https://github.com/Yohane-Mashiro/cve/blob/main/Unauthorized.md User: Yohane-Mashiro (UID 92825) Submission: 11/20/2025 05:25 PM Moderation: 11/23/2025 08:54 AM Status: Accepted VulDB Entry: [333340 (code-projects Blog Site 1.0 /admin.php improper authorization)] Points: 20