Formtools Form_tools
10 CVEs affecting Formtools Form_tools. Latest disclosed: 2024-07-21. Critical: 1, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-22718 | Critical | 9.6 | 2024-04-11 | Cross Site Scripting (XSS) vulnerability in Form Tools 3.1.1 allows attackers to run arbitrary code via the client_id parameter in the application URL. |
CVE-2024-22719 | High | 8.1 | 2024-04-11 | SQL Injection vulnerability in Form Tools 3.1.1 allows attackers to run arbitrary SQL commands via the 'keyword' when searching for a client. |
CVE-2024-22722 | High | 7.2 | 2024-04-11 | Server Side Template Injection (SSTI) vulnerability in Form Tools 3.1.1 allows attackers to run arbitrary commands via the Group Name field under the add forms… |
CVE-2024-22721 | Medium | 6.3 | 2024-04-11 | Cross Site Request Forgery (CSRF) vulnerability in Form Tools 3.1.1 allows attackers to manipulate sensitive user data via crafted link. |
CVE-2024-22717 | Medium | 6.1 | 2024-04-11 | Cross Site Scripting (XSS) vulnerability in Form Tools 3.1.1 allows attackers to run arbitrary code via the First Name field in the application. |
CVE-2024-22637 | Medium | 6.1 | 2024-01-25 | Form Tools v3.1.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /form_builder/preview.php?form_id=2. |
CVE-2024-6937 | Low | 2.7 | 2024-07-21 | A vulnerability, which was classified as problematic, was found in formtools.org Form Tools 3.1.1. Affected is the function curl_exec of the file /admin/forms/… |
CVE-2024-6936 | Low | 2.7 | 2024-07-21 | A vulnerability, which was classified as problematic, has been found in formtools.org Form Tools 3.1.1. This issue affects some unknown processing of the file… |
CVE-2024-6935 | Low | 2.4 | 2024-07-21 | A vulnerability classified as problematic was found in formtools.org Form Tools 3.1.1. This vulnerability affects unknown code of the file /admin/clients/ of t… |
CVE-2024-6934 | Low | 2.4 | 2024-07-21 | A vulnerability classified as problematic has been found in formtools.org Form Tools 3.1.1. This affects an unknown part of the file /admin/forms/add/step2.php… |