NuytsTech Security

CVE-2013-6788

by ·

The Bitrix e-Store module before 14.0.1 for Bitrix Site Manager uses sequential values for the BITRIX_SM_SALE_UID cookie, which makes it easier for remote attackers to guess the cookie value and bypass authentication via a brute force attack.

Date published : 2014-05-30

http://www.securityfocus.com/bid/63606

http://www.bitrixsoft.com/products/cms/versions.php?module=sale

Tags: