Critical severity9.8NVD Advisory· Published Jan 26, 2014· Updated Apr 29, 2026

CVE-2013-7137

Description

The "remember me" functionality in login.php in Burden before 1.8.1 allows remote attackers to bypass authentication and gain privileges by setting the burden_user_rememberme cookie to 1.

Affected products

Burden Project/Burden
cpe:2.3:a:burden_project:burden:*:*:*:*:*:*:*:*
Range: <1.8.1

Patches

edaa1bb8f73d

https://github.com/joshf/Burdenvia nvd-ref

commit

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

github.com/joshf/Burden/commit/edaa1bb8f73d6f3c8b2e78b67f1b40e02fccd0c1nvdPatchThird Party Advisory
github.com/joshf/Burden/issues/2nvdIssue TrackingPatchThird Party Advisory
www.exploit-db.com/exploits/30916nvdExploitThird Party AdvisoryVDB Entry
www.securityfocus.com/archive/1/530703/100/0/threadednvdBroken LinkThird Party AdvisoryVDB Entry
github.com/joshf/Burden/releases/tag/1.8.1nvdRelease NotesThird Party Advisory
www.htbridge.com/advisory/HTB23192nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.008
exploit	0.030
kev	0.000
patch	-0.070
ransomware	0.000