← Back

2bits

3 CVEs • 2 products

Products (2)

Click to collapse
Toggle
Currency
currency
2 CVEs
Userpoints
userpoints
1 CVE

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-10930
12bits
1Currency
Dec 12, 2025
Oct 30, 2025
N/A· v4
4.3 MEDIUM· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Currency allows Cross Site Request Forgery.This issue affects Currency: from 0.0.0 before 3.5.0.
CVE-2010-1074
12bits
1Currency
Apr 29, 2026
Mar 23, 2010
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in the Currency Exchange module before 6.x-1.2 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to watchdog logging.
CVE-2009-3782
12bits
1Userpoints
Apr 23, 2026
Oct 26, 2009
N/A· v4
N/A· v3
3.5 LOW· v2
Unspecified vulnerability in Userpoints 6.x before 6.x-1.1, a module for Drupal, allows remote authenticated users with "View own userpoints" permissions to read the userpoint data of arbitrary users via unknown attack v...Show more
Unspecified vulnerability in Userpoints 6.x before 6.x-1.1, a module for Drupal, allows remote authenticated users with "View own userpoints" permissions to read the userpoint data of arbitrary users via unknown attack vectors.Show less