| Max CVSS | 4.3 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2013-4594 | 4.3 |
The Payment for Webform module 7.x-1.x before 7.x-1.5 for Drupal does not restrict access by anonymous users, which allows remote anonymous users to use the payment of other anonymous users when submitting a form that requires payment.
|
31-10-2014 - 01:16 | 25-10-2014 - 22:55 | |
| CVE-2013-4599 | 4.3 |
The Misery module 6.x-2.x before 6.x-2.5 and 7.x-2.x before 7.x-2.2 for Drupal, when the "delay misery" configuration is set to a high value, allows remote attackers to cause a denial of service (process consumption) via multiple requests.
|
25-06-2014 - 16:59 | 09-06-2014 - 19:55 | |
| CVE-2013-4595 | 4.3 |
The Secure Pages module 6.x-2.x before 6.x-2.0 for Drupal does not properly match URLs, which causes HTTP to be used instead of HTTPS and makes it easier for remote attackers to obtain sensitive information via a crafted web page.
|
24-06-2014 - 15:37 | 09-06-2014 - 19:55 | |
| CVE-2013-4597 | 4.0 |
The Revisioning module 7.x-1.x before 7.x-1.6 for Drupal does not properly check node access permissions for content marked unpublished by the Scheduled module, which allows remote authenticated users to obtain sensitive information via unspecified v
|
24-06-2014 - 15:10 | 09-06-2014 - 19:55 |