Vulnerabilities > Google Authenticator Login Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-05-29 | CVE-2013-4178 | Improper Authentication vulnerability in Google Authenticator Login Project GA Login The Google Authenticator login module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to obtain access by replaying the username, password, and one-time password (OTP). | 5.0 |
| 2014-05-29 | CVE-2013-4177 | Permissions, Privileges, and Access Controls vulnerability in Google Authenticator Login Project GA Login The Google Authenticator login module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.4 for Drupal does not properly identify user account names, which might allow remote attackers to bypass the two-factor authentication requirement via unspecified vectors. | 5.0 |
| 2013-03-27 | CVE-2013-0258 | Improper Authentication vulnerability in Google Authenticator Login Project GA Login 7.X1.0/7.X1.1/7.X1.2 The Google Authenticator login (ga_login) module 7.x before 7.x-1.3 for Drupal, when multi-factor authentication is enabled, allows remote attackers to bypass authentication for accounts without an associated Google Authenticator token by logging in with the username. | 6.8 |