Vulnerabilities > Chronoengine > Chronoforums > 2.0.11

DATE CVE VULNERABILITY TITLE RISK
2022-01-12 CVE-2021-28377 Path Traversal vulnerability in Chronoengine Chronoforums 2.0.11
ChronoForums 2.0.11 allows av Directory Traversal to read arbitrary files.
network
low complexity
chronoengine CWE-22
5.3
5.3
2020-11-16 CVE-2020-27459 Cross-site Scripting vulnerability in Chronoengine Chronoforums 2.0.11
Chronoforeum 2.0.11 allows Stored XSS vulnerabilities when inserting a crafted payload into a post.
network
low complexity
chronoengine CWE-79
6.1
6.1