Chronoforms
by Chronoengine
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-0567 | 0.06 | — | 0.34 | Feb 5, 2008 | Multiple PHP remote file inclusion vulnerabilities in ChronoEngine ChronoForms (com_chronocontact) 2.3.5 component for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) PPS/File.php, (2) Writer.php, and (3)… | |||
| CVE-2022-47135 | 0.00 | — | 0.00 | May 25, 2023 | Cross-Site Request Forgery (CSRF) vulnerability in chronoengine.Com Chronoforms plugin <= 7.0.9 versions. | |||
| CVE-2021-28376 | 0.00 | — | 0.01 | Jan 12, 2022 | ChronoForms 7.0.7 allows fname Directory Traversal to read arbitrary files. |
- CVE-2008-0567Feb 5, 2008risk 0.06cvss —epss 0.34
Multiple PHP remote file inclusion vulnerabilities in ChronoEngine ChronoForms (com_chronocontact) 2.3.5 component for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) PPS/File.php, (2) Writer.php, and (3)…
- CVE-2022-47135May 25, 2023risk 0.00cvss —epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in chronoengine.Com Chronoforms plugin <= 7.0.9 versions.
- CVE-2021-28376Jan 12, 2022risk 0.00cvss —epss 0.01
ChronoForms 7.0.7 allows fname Directory Traversal to read arbitrary files.