Vulnerabilities > Chronoengine > Chronoforums

DATE CVE VULNERABILITY TITLE RISK
2022-01-12 CVE-2021-28376 Path Traversal vulnerability in Chronoengine Chronoforums 7.0.7
ChronoForms 7.0.7 allows fname Directory Traversal to read arbitrary files.
network
low complexity
chronoengine CWE-22
4.0
4.0
2022-01-12 CVE-2021-28377 Path Traversal vulnerability in Chronoengine Chronoforums 2.0.11
ChronoForums 2.0.11 allows av Directory Traversal to read arbitrary files.
network
low complexity
chronoengine CWE-22
5.0
5.0
2020-11-16 CVE-2020-27459 Cross-site Scripting vulnerability in Chronoengine Chronoforums 2.0.11
Chronoforeum 2.0.11 allows Stored XSS vulnerabilities when inserting a crafted payload into a post.
network
low complexity
chronoengine CWE-79
6.1
6.1