• Drupal Core is prone to a denial of service vulnerability. Exploiting this issue may allow an attacker to cause the affected website to consume memory and CPU resources, thus denying service to legitimate users. Drupal Core versions 6.x ranging from 6.0 and up to and including 6.32 are vulnerable.

• Update to Drupal Core version 6.33 or latest

• • http://www.breaksec.com/?p=6362
  • http://mashable.com/2014/08/06/wordpress-xml-blowup-dos/
  • https://www.drupal.org/SA-CORE-2014-004

• 

• CVE-2014-5265

  CVE-2014-5266

  CVE-2014-5267

• CWE-400

• Missing Update Denial Of Service

• WordPress Plugin Post Logo Cross-Site Scripting (1.1b)
• WordPress Plugin History Collection Arbitrary File Download (1.1.1)
• WordPress Plugin Tierra's Billboard Manager SQL Injection (1.14)
• WordPress Plugin Giveaway Boost PHP Object Injection (2.1.2)
• WordPress Plugin Mobiloud-Native Mobile Apps for your WordPress site (iPhone, iPad, Android) Multiple Cross-Site Scripting Vulnerabilities (2.3.7)