CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2009-0382
https://notcve.org/view.php?id=CVE-2009-0382
Unspecified vulnerability in Internationalization (i18n) Translation 5.x before 5.x-2.5, a module for Drupal, allows remote attackers with "translate node" permissions to bypass intended access restrictions and read unpublished nodes via unspecified vectors. Vulnerabilidad no especificada en Internationalization (i18n) Translation 5.x versiones anteriores a 5.x-2.5, un módulo de Drupal, permite a atacantes remotos con permisos "traducir nodo" evitar restricciones de acceso y leer nodos no públicos a través de vectores no especificados. • http://drupal.org/node/358958 http://secunia.com/advisories/33549 http://www.securityfocus.com/bid/33283 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 23EXPL: 0CVE-2008-1977
https://notcve.org/view.php?id=CVE-2008-1977
Cross-site request forgery (CSRF) vulnerability in the Internationalization (i18n) Drupal module 5.x before 5.x-2.3 and 5.x-1.1, and 6.x before 6.x-1.0 beta 1, allows remote attackers to change node translation relationships via unspecified vectors. Vulnerabilidad falsificación de petición (CSRF) en el módulo de Drupal Internationalization (i18n) 5.x anteriores a 5.x-2.3 y 5.x-1.1, y 6.x anteriores a 6.x-1.0 beta 1, permite a atacantes remotos cambiar relaciones de traducción de nodos mediante vectores no especificados. • http://drupal.org/node/250344 http://secunia.com/advisories/29961 http://www.securityfocus.com/bid/28916 http://www.vupen.com/english/advisories/2008/1352/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41982 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 4.3EPSS: 0%CPEs: 23EXPL: 0CVE-2008-1976
https://notcve.org/view.php?id=CVE-2008-1976
Multiple cross-site scripting (XSS) vulnerabilities in the Drupal modules (1) Internationalization (i18n) 5.x before 5.x-2.3 and 5.x-1.1 and 6.x before 6.x-1.0 beta 1; and (2) Localizer 5.x before 5.x-3.4, 5.x-2.1, and 5.x-1.11; allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. Múltiples vulnerabilidades de secuencias de órdenes en sitios cruzados (XSS) en los módulos de Drupal (1) Internacionalización (i18n) 5.x anteriores a 5.x-2.3 y 5.x-1.1 y 5.x anteriores a 6.x-1.0 beta 1; y (2) Localizador 5.x anteriores a 5.x-3.4, 5.x-2.1, y 5.x-1 permiten a atacantes remotos inyectar 'script' web o HTML de su elección mediante vectores no especificados. • http://drupal.org/node/250344 http://secunia.com/advisories/29961 http://www.securityfocus.com/bid/28916 http://www.vupen.com/english/advisories/2008/1352/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41977 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •