Chronoforums

chronoforums

Vendor: Chronoengine • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-28377 1Chronoengine 1Chronoforums Nov 21, 2024 Jan 12, 2022 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 ChronoForums 2.0.11 allows av Directory Traversal to read arbitrary files.
CVE-2021-28376 1Chronoengine 1Chronoforums Nov 21, 2024 Jan 12, 2022 N/A· v4 2.7 LOW· v3 4.0 MEDIUM· v2 ChronoForms 7.0.7 allows fname Directory Traversal to read arbitrary files.
CVE-2020-27459 1Chronoengine 1Chronoforums Nov 21, 2024 Nov 16, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Chronoforeum 2.0.11 allows Stored XSS vulnerabilities when inserting a crafted payload into a post. If any user sees the post, the inserted XSS code is executed.