Chronoengine - Chronoforums CVE

Filtered by vendor Chronoengine Subscribe

Filtered by product Chronoforums

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-28377	1 Chronoengine	1 Chronoforums	2022-01-18	5.0 MEDIUM	5.3 MEDIUM
ChronoForums 2.0.11 allows av Directory Traversal to read arbitrary files.
CVE-2020-27459	1 Chronoengine	1 Chronoforums	2020-11-21	4.3 MEDIUM	6.1 MEDIUM
Chronoforeum 2.0.11 allows Stored XSS vulnerabilities when inserting a crafted payload into a post. If any user sees the post, the inserted XSS code is executed.

Vulnerabilities (CVE)