Authorization Bypass Vulnerability in Farktor E-Commerce Package
CVE-2025-13004

6.3MEDIUM

Key Information:

Vendor: Farktor Software E-commerce Services Inc.
Status: E-commerce Package
Vendor: CVE Published:; 12 February 2026

🔔 Create Farktor Software E-commerce Services Inc. Vulnerability Alert

What is CVE-2025-13004?

A vulnerability in Farktor Software’s E-Commerce Package allows for authorization bypass due to improper validation of user-controlled variables. This allows attackers to manipulate certain inputs, potentially granting unauthorized access to sensitive areas of the application. Implementing robust input validation and user authentication measures is essential to mitigate this issue and protect user data.

Affected Version(s)

E-Commerce Package 0 <= 27112025

References

https://www.usom.gov.tr/bildirim/tr-26-0063

third-party-advisory

CVSS V3.1

Score:

6.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 12, 2026
Vulnerability Reserved
Nov 11, 2025

Credit

Berat ARSLAN

CVE-2025-13004 Data

JSON