Vulnerabilities > Google Authenticator Login Project > GA Login > 6.x.1.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-05-29 | CVE-2013-4178 | Improper Authentication vulnerability in Google Authenticator Login Project GA Login The Google Authenticator login module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.4 for Drupal allows remote attackers to obtain access by replaying the username, password, and one-time password (OTP). | 5.0 |
2014-05-29 | CVE-2013-4177 | Permissions, Privileges, and Access Controls vulnerability in Google Authenticator Login Project GA Login The Google Authenticator login module 6.x-1.x before 6.x-1.2 and 7.x-1.x before 7.x-1.4 for Drupal does not properly identify user account names, which might allow remote attackers to bypass the two-factor authentication requirement via unspecified vectors. | 5.0 |