VYPR

ChronoForums

by ChronoForums

CVEs (2)

  • CVE-2020-27459MedNov 16, 2020
    risk 0.40cvss 6.1epss 0.01

    Chronoforeum 2.0.11 allows Stored XSS vulnerabilities when inserting a crafted payload into a post. If any user sees the post, the inserted XSS code is executed.

  • CVE-2021-28377MedJan 12, 2022
    risk 0.35cvss 5.3epss 0.08

    ChronoForums 2.0.11 allows av Directory Traversal to read arbitrary files.