Home/Product/formtools form tools
Product

formtools form tools

14 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-6937
all versions
A vulnerability, which was classified as problematic, was found in formtools.org Form Tools 3.1.1. Affected is the function curl_e
2.7LOW
 CVE-2024-6936
all versions
A vulnerability, which was classified as problematic, has been found in formtools.org Form Tools 3.1.1. This issue affects some un
2.7LOW
 CVE-2024-6935
all versions
A vulnerability classified as problematic was found in formtools.org Form Tools 3.1.1. This vulnerability affects unknown code of
2.4LOW
 CVE-2024-6934
all versions
A vulnerability classified as problematic has been found in formtools.org Form Tools 3.1.1. This affects an unknown part of the fi
2.4LOW
 CVE-2024-22722
all versions
Server Side Template Injection (SSTI) vulnerability in Form Tools 3.1.1 allows attackers to run arbitrary commands via the Group N
7.2HIGH
 CVE-2024-22721
all versions
Cross Site Request Forgery (CSRF) vulnerability in Form Tools 3.1.1 allows attackers to manipulate sensitive user data via crafted
6.3MEDIUM
 CVE-2024-22719
all versions
SQL Injection vulnerability in Form Tools 3.1.1 allows attackers to run arbitrary SQL commands via the 'keyword' when searching fo
8.1HIGH
 CVE-2024-22718
all versions
Cross Site Scripting (XSS) vulnerability in Form Tools 3.1.1 allows attackers to run arbitrary code via the client_id parameter in
9.6CRITICAL
 CVE-2024-22717
all versions
Cross Site Scripting (XSS) vulnerability in Form Tools 3.1.1 allows attackers to run arbitrary code via the First Name field in th
6.1MEDIUM
 CVE-2024-22637
all versions
Form Tools v3.1.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /form_builder/p
6.1MEDIUM
 CVE-2021-38145
<= 3.0.20
An issue was discovered in Form Tools through 3.0.20. SQL Injection can occur via the export_group_id field when a low-privileged
9.8CRITICAL
 CVE-2021-38144
<= 3.0.20
An issue was discovered in Form Tools through 3.0.20. A low-privileged user can trigger Reflected XSS when a viewing a form via th
5.4MEDIUM
 CVE-2021-38143
<= 3.0.20
An issue was discovered in Form Tools through 3.0.20. When an administrator creates a customer account, it is possible for the cus
6.1MEDIUM
 CVE-2007-6464
all versions
Multiple PHP remote file inclusion vulnerabilities in Form tools 1.5.0b allow remote attackers to execute arbitrary PHP code via a
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Recently exploited
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh