Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
chronoengine vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-47135
Cross-Site Request Forgery (CSRF) vulnerability in chronoengine.Com Chronoforms plugin <= 7.0.9 versions.
Chronoengine Chronoforms
7.5
CVSSv2
CVE-2008-0567
Multiple PHP remote file inclusion vulnerabilities in ChronoEngine ChronoForms (com_chronocontact) 2.3.5 component for Joomla! allow remote malicious users to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) PPS/File.php, (2) Writer.php, and (3...
Chronoengine Chronoforms 2.3.5
1 EDB exploit
5
CVSSv2
CVE-2021-28377
ChronoForums 2.0.11 allows av Directory Traversal to read arbitrary files.
Chronoengine Chronoforums 2.0.11
4.3
CVSSv2
CVE-2020-27459
Chronoforeum 2.0.11 allows Stored XSS vulnerabilities when inserting a crafted payload into a post. If any user sees the post, the inserted XSS code is executed.
Chronoengine Chronoforums 2.0.11
4
CVSSv2
CVE-2021-28376
ChronoForms 7.0.7 allows fname Directory Traversal to read arbitrary files.
Chronoengine Chronoforums 7.0.7
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started