Chronoforms 5.0.13 and previous versions include PHP Mailer library vulnerable to CVE-2016-10045
Resolution: update to 5.0.14
Update notice: https://www.chronoengine.com/forums/posts/t102804/p363944/phpmailer-library.html
-
Home
-
Vulnerable Extensions
-
Resolved Extensions
- Chronoforms 5.0.13 PHP mailer vulnerability
Vulnerable Extensions
- osTicky2, , Other
- EasyShop, 1.4.1, XSS (Cross Site Scripting)
- LivingWord, , XSS (Cross Site Scripting)
- Plugin Creative Gallery , , SQL Injection
- Proforms Basic via sort_order parameter, , SQL Injection
- EXTPLORER, 2.1.15, XSS (Cross Site Scripting)
- LM-CUSTOM-ADMIN, , Other
- admirror gallery, , XSS (Cross Site Scripting)
- Proforms Basic Joomla Module, , Other
- acymailing, pre 8.7.0 , Other
Resolved Extensions
- HikaShop, 5.1.1, XSS (Cross Site Scripting)
- Advanced custom fields, 2.7.7, SQL Injection
- Phoca Gallery, 5.0.0, XSS (Cross Site Scripting)
- HikaShop Starter 4.7.5 [2308101603], HikaShop Starter 4.7.5 [2308101603], XSS (Cross Site Scripting)
- LazyDbBackup, 3.9.0, Other
- Virtual Classroom, , SQL Injection
- bagallery , , Other
- Solidres, 2.13.3, XSS (Cross Site Scripting)
- Edocman 1.24.7 - XSS issue fixed
- quickform, , Other