RSS   Vulnerabilities for 'Bitrix e-store module'   RSS

2014-05-30
 
CVE-2013-6788

CWE-287
 

 
The Bitrix e-Store module before 14.0.1 for Bitrix Site Manager uses sequential values for the BITRIX_SM_SALE_UID cookie, which makes it easier for remote attackers to guess the cookie value and bypass authentication via a brute force attack.

 

 >>> Vendor: Bitrix 5 Products
Bitrix site manager
Bitrix e-store module
Xscan
Mpbuilder
Bitrix24


Copyright 2024, cxsecurity.com

 

Back to Top