Vulnerabilities > Bitrix > Bitrix E Store Module
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-05-30 | CVE-2013-6788 | Improper Authentication vulnerability in Bitrix E-Store Module The Bitrix e-Store module before 14.0.1 for Bitrix Site Manager uses sequential values for the BITRIX_SM_SALE_UID cookie, which makes it easier for remote attackers to guess the cookie value and bypass authentication via a brute force attack. | 7.5 |