Security Maarch LetterBox 2.8 Insecure Cookie Handling November 17, 2014 007admin Leave a comment Maarch LetterBox version 2.8 suffers from an authentication bypass vulnerability via SQL injection via a modified cookie.