Joomla! ChronoForums 2.0.11 - Local File Inclusion

Joomla! ChronoForums 2.0.11 avatar function is vulnerable to local file inclusion through unauthenticated path traversal attacks. This enables an attacker to read arbitrary files, for example the Joomla! configuration file which contains credentials. id: CVE-2021-28377 info: name: Joomla!...

CVE-2022-47135

Cross-Site Request Forgery CSRF vulnerability in chronoengine.Com Chronoforms plugin = 7.0.9 versions...

ChronoEngine ChronoForms Path Traversal Vulnerability

ChronoEngine ChronoForms is ChronoEngine company an easy to use and flexible Joomla form builder . A path traversal vulnerability exists in ChronoEngine ChronoForms that stems from the product failing to properly filter for special elements in the path of a resource or file. An attacker could use...

ChronoEngine ChronoForms 路径遍历漏洞

ChronoEngine ChronoForms is an easy-to-use and flexible Joomla form builder from ChronoEngine. A path traversal vulnerability exists in ChronoEngine ChronoForms that stems from the product failing to properly filter for special elements in the path of a resource or file. An attacker could use thi...

ChronoEngine ChronoForms 路径遍历漏洞

ChronoEngine ChronoForms is ChronoEngine company an easy to use and flexible Joomla form builder . A path traversal vulnerability exists in ChronoEngine ChronoForms that stems from the product failing to properly filter for special elements in the path of a resource or file. An attacker could use...

Joomla! Component ChronoConnectivity - Blind SQL Injection

Joomla! Component ChronoConnectivity - Blind SQL Injection Exploit Title: Joomla Component ChronoConnectivity Date: 01, June 2010 Author: mlk Renan Software Link: http://bugsec.googlecode.com/files/joomlachronoconnectivity.zip Version: 0 Tested on: all OS CVE : 0 Code : here Joomla Component...

Joomla ChronoForms Blind SQL Injection

Exploit Title: Joomla Component ChronoForms comchronocontact Date: 01, June 2010 Author: mlk Renan Software Link:0 Version: 0 Tested on: all OS CVE : 0 Code : here Joomla Component ChronoForms comchronocontact - Blind SQL Injection Vulnerability ! Discovered by : mlk Renan ! Teams : c00kies ,...

Joomla Component com_chronocontact SQL Injection Vulnerability

Exploit for php platform in category web applications ============================================================== Joomla Component comchronocontact SQL Injection Vulnerability ============================================================== Exploit Title: Joomla Component ChronoForms...

Joomla Component com_chronoconnectivity SQL Injection Vulnerability

Exploit for php platform in category web applications =================================================================== Joomla Component comchronoconnectivity SQL Injection Vulnerability =================================================================== Exploit Title: Joomla Component...

Joomla! Component ChronoConnectivity - Blind SQL Injection

Exploit Title: Joomla Component ChronoConnectivity Date: 01, June 2010 Author: mlk Renan Software Link: http://bugsec.googlecode.com/files/joomlachronoconnectivity.zip Version: 0 Tested on: all OS CVE : 0 Code : here Joomla Component ChronoConnectivity comchronoconnectivity - Blind SQL Injection...

Joomla! Component ChronoForms - Blind SQL Injection

Joomla! Component ChronoForms - Blind SQL Injection Exploit Title: Joomla Component ChronoForms comchronocontact Date: 01, June 2010 Author: mlk Renan Software Link:0 Version: 0 Tested on: all OS CVE : 0 Code : here Joomla Component ChronoForms comchronocontact - Blind SQL Injection Vulnerability...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in ChronoEngine ChronoForms comchronocontact 2.3.5 component for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter to 1 PPS/File.php, 2 Writer.php, and 3 PPS.php in excelwriter/; and 4...

CVE-2008-0567

Multiple PHP remote file inclusion vulnerabilities in ChronoEngine ChronoForms comchronocontact 2.3.5 component for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter to 1 PPS/File.php, 2 Writer.php, and 3 PPS.php in excelwriter/; and 4...

CVE-2008-0567

CVE-2008-0567 affects ChronoEngine ChronoForms (com_chronocontact) 2.3.5 for Joomla!, enabling multiple PHP remote file inclusion via the mosConfig_absolute_path parameter. The vulnerability targets files in excelwriter/ (PPS/File.php, Writer.php, PPS.php) and excelwriter/Writer/ (BIFFwriter.php,...