Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
login vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2013-2198
The Login Security module 6.x-1.x prior to 6.x-1.3 and 7.x-1.x prior to 7.x-1.3 for Drupal allows malicious users to bypass intended restrictions via a crafted username.
Login Security Project Login Security
Login Security Project Login Security 6.x-1.0
Login Security Project Login Security 6.x-1.x
Login Security Project Login Security 7.x-1.x
NA
CVE-2014-3882
Cross-site request forgery (CSRF) vulnerability in the Login rebuilder plugin prior to 1.2.0 for WordPress allows remote malicious users to hijack the authentication of arbitrary users.
12net Login Rebuilder
12net Login Rebuilder 1.1.2
12net Login Rebuilder 1.1.0
12net Login Rebuilder 1.0.2
12net Login Rebuilder 1.0.1
12net Login Rebuilder 1.0.0
12net Login Rebuilder 1.1.1
12net Login Rebuilder 1.0.3
NA
CVE-2015-4395
The HybridAuth Social Login module 7.x-2.x prior to 7.x-2.10 for Drupal stores passwords in plaintext when the "Ask user for a password when registering" option is enabled, which allows remote authenticated users with certain permissions to obtain sensitive information ...
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.1
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.2
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.3
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.4
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.9
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.0
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.5
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.7
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.6
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.8
NA
CVE-2015-5511
The HybridAuth Social Login module 7.x-2.x prior to 7.x-2.13 for Drupal allows remote malicious users to bypass the user registration by administrator only configuration and create an account via a social login.
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.0
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.7
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.8
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.5
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.6
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.1
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.2
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.9
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.10
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.11
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.3
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.4
Hybridauth Social Login Project Hybridauth Social Login 7.x-2.12
NA
CVE-2014-6312
Cross-site request forgery (CSRF) vulnerability in the Login Widget With Shortcode (login-sidebar-widget) plugin prior to 3.2.1 for WordPress allows remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks ...
Login Widget With Shortcode Project Login Widget With Shortcode 1.0.1
Login Widget With Shortcode Project Login Widget With Shortcode 2.0.2
Login Widget With Shortcode Project Login Widget With Shortcode 2.2.3
Login Widget With Shortcode Project Login Widget With Shortcode 2.2.4
Login Widget With Shortcode Project Login Widget With Shortcode
Login Widget With Shortcode Project Login Widget With Shortcode 2.0.1
Login Widget With Shortcode Project Login Widget With Shortcode 2.1.3
1 EDB exploit
NA
CVE-2002-1720
SQL injection vulnerability in Spooky Login 2.0 up to and including 2.5 allows remote malicious users to bypass authentication and gain privileges via the password field.
Outfront Spooky Login 2.0
Outfront Spooky Login 2.1
Outfront Spooky Login 2.2
Outfront Spooky Login 2.3
Outfront Spooky Login 2.4
Outfront Spooky Login 2.5
1 EDB exploit
NA
CVE-2015-8082
The Login Disable module 6.x-1.x prior to 6.x-1.1 and 7.x-1.x prior to 7.x-1.2 for Drupal does not properly load the user_logout function, which allows remote malicious users to bypass the logout protection mechanism by leveraging a contributed user authentication module, as demo...
Login Disable Project Login Disable 6.x-1.0
Login Disable Project Login Disable 7.x-1.0
Login Disable Project Login Disable 7.x-1.1
8.8
CVSSv3
CVE-2023-46777
Cross-Site Request Forgery (CSRF) vulnerability in Custom Login Page | Temporary Users | Rebrand Login | Login Captcha plugin <= 1.1.3 versions.
Featherplugins Custom Login Page \\| Temporary Users \\| Rebrand Login \\| Login Captcha
6.1
CVSSv3
CVE-2023-34175
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GrandSlambert Login Configurator plugin <= 2.1 versions.
Login Configurator Project Login Configurator
4.8
CVSSv3
CVE-2023-34369
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in GrandSlambert Login Configurator plugin <= 2.1 versions.
Login Configurator Project Login Configurator
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
firmware
CVE-2006-4304
CVE-2024-32878
CVE-2024-31502
XSS
CVE-2024-3059
CVE-2024-33692
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »