Bitrix E Store Module

DATE	CVE	VULNERABILITY TITLE	RISK
2014-05-30	CVE-2013-6788	Improper Authentication vulnerability in Bitrix E-Store Module The Bitrix e-Store module before 14.0.1 for Bitrix Site Manager uses sequential values for the BITRIX_SM_SALE_UID cookie, which makes it easier for remote attackers to guess the cookie value and bypass authentication via a brute force attack. network low complexity bitrix CWE-287	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.