Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chronoengine vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-47135
Cross-Site Request Forgery (CSRF) vulnerability in chronoengine.Com Chronoforms plugin <= 7.0.9 versions.
Chronoengine Chronoforms
NA
CVE-2008-0567
Multiple PHP remote file inclusion vulnerabilities in ChronoEngine ChronoForms (com_chronocontact) 2.3.5 component for Joomla! allow remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) PPS/File.php, (2) Writer.php, and (3...
Chronoengine Chronoforms 2.3.5
1 EDB exploit
2.7
CVSSv3
CVE-2021-28376
ChronoForms 7.0.7 allows fname Directory Traversal to read arbitrary files.
Chronoengine Chronoforums 7.0.7
5.3
CVSSv3
CVE-2021-28377
ChronoForums 2.0.11 allows av Directory Traversal to read arbitrary files.
Chronoengine Chronoforums 2.0.11
6.1
CVSSv3
CVE-2020-27459
Chronoforeum 2.0.11 allows Stored XSS vulnerabilities when inserting a crafted payload into a post. If any user sees the post, the inserted XSS code is executed.
Chronoengine Chronoforums 2.0.11
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started