Chronoengine Chronoforms vulnerabilities
2 known vulnerabilities affecting chronoengine/chronoforms.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2008-0567P3HIGHCVSS 7.5PoCv2.3.52008-02-05
CVE-2008-0567 [HIGH] CWE-94 CVE-2008-0567: Multiple PHP remote file inclusion vulnerabilities in ChronoEngine ChronoForms (com_chronocontact) 2
Multiple PHP remote file inclusion vulnerabilities in ChronoEngine ChronoForms (com_chronocontact) 2.3.5 component for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) PPS/File.php, (2) Writer.php, and (3) PPS.php in excelwriter/; and (4) BIFFwriter.php, (5) Workbook.php, (6) Worksheet
nvd
CVE-2022-47135P4HIGHCVSS 8.8≤ 7.0.92023-05-25
CVE-2022-47135 [HIGH] CWE-352 CVE-2022-47135: Cross-Site Request Forgery (CSRF) vulnerability in chronoengine.Com Chronoforms plugin <= 7.0.9 vers
Cross-Site Request Forgery (CSRF) vulnerability in chronoengine.Com Chronoforms plugin <= 7.0.9 versions.
nvd