RSS   Vulnerabilities for 'Chronoforums'   RSS

2022-01-12
 
CVE-2021-28376

CWE-22
 

 
ChronoForms 7.0.7 allows fname Directory Traversal to read arbitrary files.

 
 
CVE-2021-28377

CWE-22
 

 
ChronoForums 2.0.11 allows av Directory Traversal to read arbitrary files.

 
2020-11-16
 
CVE-2020-27459

CWE-79
 

 
Chronoforeum 2.0.11 allows Stored XSS vulnerabilities when inserting a crafted payload into a post. If any user sees the post, the inserted XSS code is executed.

 

 >>> Vendor: Chronoengine 2 Products
Chronoforms
Chronoforums


Copyright 2024, cxsecurity.com

 

Back to Top