CVE-2015-4395

EPSS 0.17% · P38 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2015-4395

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The HybridAuth Social Login module 7.x-2.x before 7.x-2.10 for Drupal stores passwords in plaintext when the "Ask user for a password when registering" option is enabled, which allows remote authenticated users with certain permissions to obtain sensitive information by leveraging access to the database.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Drupal HybridAuth Social Login模块信息泄露漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Drupal是Drupal社区所维护的一套用PHP语言开发的免费、开源的内容管理系统。HybridAuth Social Login是其中的一个使用社交网络账户在Drupal系统登陆和注册的模块。 Drupal HybridAuth Social Login模块7.x-2.10之前7.x-2.x版本中存在安全漏洞，该漏洞源于程序使用‘Ask user for a password when registering’选项时，以明文的形式存储密码。远程攻击者可通过访问数据库利用该漏洞以特定的权限获取敏感信息。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2015-4395

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2015-4395

请登录查看更多情报信息。

https://www.drupal.org/node/2475443x_refsource_CONFIRM
https://www.drupal.org/node/2475943x_refsource_MISC
http://www.securityfocus.com/bid/74364vdb-entryx_refsource_BID
http://www.openwall.com/lists/oss-security/2015/04/25/6mailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2015-4395

Same Patch Batch · n/a · 2015-06-15 · 67 CVEs total

CVE-2015-4373		Drupal OG tabs模块跨站脚本漏洞
CVE-2015-4393		Drupal Services模块安全漏洞
CVE-2015-4392		Drupal Display Suite模块跨站脚本漏洞
CVE-2015-4391		Drupal CiviCRM private report模块跨站请求伪造漏洞
CVE-2015-4380		Drupal Linear Case模块跨站脚本漏洞
CVE-2015-4379		Drupal Webform Multiple File Upload模块跨站请求伪造漏洞
CVE-2015-4378		Drupal Crumbs模块跨站脚本漏洞
CVE-2015-4377		Drupal Petition模块跨站脚本漏洞
CVE-2015-4376		Drupal Profile2 Privacy模块跨站脚本漏洞
CVE-2015-4375		Drupal Chaos tool suite模块信息泄露漏洞
CVE-2015-4381		Drupal Invoice模块跨站脚本漏洞
CVE-2015-4372		Drupal Image Title模块跨站脚本漏洞
CVE-2015-4371		Drupal Perfecto模块开放重定向漏洞
CVE-2015-4370		Drupal Site Documentation模块跨站脚本漏洞
CVE-2015-4369		Drupal Trick Question模块跨站脚本漏洞
CVE-2015-4368		Drupal Commerce Ogone模块权限许可和访问控制漏洞
CVE-2015-4367		Drupal Simple Subscription模块跨站脚本漏洞
CVE-2015-4366		Drupal Mover模块跨站脚本漏洞
CVE-2015-4365		Drupal Taxonomy Accordion模块跨站脚本漏洞
CVE-2015-4364		Drupal Campaign Monitor模块跨站请求伪造漏洞

Showing top 20 of 67 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2015-4395

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2015-4395

I. Basic Information for CVE-2015-4395

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2015-4395

III. Intelligence Information for CVE-2015-4395

Same Patch Batch · n/a · 2015-06-15 · 67 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2015-4395

Leave a comment