[SECURITY] Authentication Bypass - Missing exit() after header redirect

[XavLimSG]

Hi @chetans9,

I've identified a critical authentication bypass vulnerability in includes/auth_validate.php (lines 6-8) that allows unauthenticated access to protected pages including customer data.

Severity: Critical (CVSS 9.1)
CWE: CWE-287 (Improper Authentication)

I have a working proof-of-concept and remediation guidance ready to share privately.