CVE-2009-3782

EUVD-2009-3754
Unspecified vulnerability in Userpoints 6.x before 6.x-1.1, a module for Drupal, allows remote authenticated users with "View own userpoints" permissions to read the userpoint data of arbitrary users via unknown attack vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.5 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:S/C:P/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 43%
Affected Products (NVD)
VendorProductVersion
2bitsuserpoints
6.x-1.0:x
2bitsuserpoints
6.x-1.x-dev:x
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://drupal.org/node/610818
http://drupal.org/node/610828
http://osvdb.org/59124
http://secunia.com/advisories/37123
http://www.securityfocus.com/bid/36786
http://www.vupen.com/english/advisories/2009/2998
https://exchange.xforce.ibmcloud.com/vulnerabilities/53896
http://drupal.org/node/610818
http://drupal.org/node/610828
http://osvdb.org/59124
http://secunia.com/advisories/37123
http://www.securityfocus.com/bid/36786
http://www.vupen.com/english/advisories/2009/2998
https://exchange.xforce.ibmcloud.com/vulnerabilities/53896