Vulnerabilities (CVE)

Filtered by vendor Drupal Subscribe
Filtered by product User Karma Module
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-6276 2 Drupal, Joomla 2 User Karma Module, Joomla\! 2024-11-21 6.5 MEDIUM N/A
Multiple SQL injection vulnerabilities in the User Karma module 5.x before 5.x-1.13 and 6.x before 6.x-1.0-beta1, a module for Drupal, allow remote authenticated administrators to execute arbitrary SQL commands via (1) a content type or (2) a voting API value.
CVE-2008-6275 2 Drupal, Joomla 2 User Karma Module, Joomla\! 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in the User Karma module 5.x before 5.x-1.13 and 6.x before 6.x-1.0-beta1, a module for Drupal, allows remote attackers to inject arbitrary web script or HTML via unspecified messages.