Max CVSS | 6.8 | Min CVSS | 5.0 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2014-9016 | 5.0 |
The password hashing API in Drupal 7.x before 7.34 and the Secure Password Hashes (aka phpass) module 6.x-2.x before 6.x-2.1 for Drupal allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted request.
|
20-04-2021 - 12:50 | 24-11-2014 - 15:59 | |
CVE-2014-9015 | 6.8 |
Drupal 6.x before 6.34 and 7.x before 7.34 allows remote attackers to hijack sessions via a crafted request, as demonstrated by a crafted request to a server that supports both HTTP and HTTPS sessions.
|
20-12-2018 - 17:53 | 24-11-2014 - 15:59 |