Every CVE whose affected-product data names Formtools Form Tools, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2024-22718 — CVSS 9.6 (critical): Cross Site Scripting (XSS) vulnerability in Form Tools 3.1.1 allows attackers to run arbitrary code via the client_id parameter in the…
CVE-2024-22719 — CVSS 8.1 (high): SQL Injection vulnerability in Form Tools 3.1.1 allows attackers to run arbitrary SQL commands via the 'keyword' when searching for a…
CVE-2024-22722 — CVSS 7.2 (high): Server Side Template Injection (SSTI) vulnerability in Form Tools 3.1.1 allows attackers to run arbitrary commands via the Group Name field…
CVE-2024-22721 — CVSS 6.3 (medium): Cross Site Request Forgery (CSRF) vulnerability in Form Tools 3.1.1 allows attackers to manipulate sensitive user data via crafted link.
CVE-2024-22637 — CVSS 6.1 (medium): Form Tools v3.1.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /form_builder/preview.php…
CVE-2024-22717 — CVSS 6.1 (medium): Cross Site Scripting (XSS) vulnerability in Form Tools 3.1.1 allows attackers to run arbitrary code via the First Name field in the…
CVE-2024-6936 — CVSS 2.7 (low): A vulnerability, which was classified as problematic, has been found in formtools.org Form Tools 3.1.1. This issue affects some unknown…
CVE-2024-6937 — CVSS 2.7 (low): A vulnerability, which was classified as problematic, was found in formtools.org Form Tools 3.1.1. Affected is the function curl_exec of…
CVE-2024-6934 — CVSS 2.4 (low): A vulnerability classified as problematic has been found in formtools.org Form Tools 3.1.1. This affects an unknown part of the file…
CVE-2024-6935 — CVSS 2.4 (low): A vulnerability classified as problematic was found in formtools.org Form Tools 3.1.1. This vulnerability affects unknown code of the file…