CVE-2009-3782

Unspecified vulnerability in Userpoints 6.x before 6.x-1.1, a module for Drupal, allows remote authenticated users with "View own userpoints" permissions to read the userpoint data of arbitrary users via unknown attack vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.5 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:S/C:P/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 44%
VendorProductVersion
2bitsuserpoints
6.x-1.0:x
2bitsuserpoints
6.x-1.x-dev:x
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://drupal.org/node/610818
http://drupal.org/node/610828
http://osvdb.org/59124
http://secunia.com/advisories/37123
http://www.securityfocus.com/bid/36786
http://www.vupen.com/english/advisories/2009/2998
https://exchange.xforce.ibmcloud.com/vulnerabilities/53896
http://drupal.org/node/610818
http://drupal.org/node/610828
http://osvdb.org/59124
http://secunia.com/advisories/37123
http://www.securityfocus.com/bid/36786
http://www.vupen.com/english/advisories/2009/2998
https://exchange.xforce.ibmcloud.com/vulnerabilities/53896