Browse all 4 CVE security advisories affecting formtools.org. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Formtools.org provides open-source form building and management solutions for web applications. Historically, the platform has been susceptible to cross-site scripting (XSS) and remote code execution (RCE) vulnerabilities, often stemming from improper input validation and insecure file handling. The project maintains a moderate security posture with four disclosed CVEs, primarily affecting older versions. While no major public security incidents have been documented, the presence of RCE vulnerabilities in past releases indicates potential risks for unpatched implementations. Regular updates and proper input sanitization remain critical for secure deployment of this form management tool.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-6937 | formtools.org Form Tools Import Option List edit.php curl_exec file inclusion — Form ToolsCWE-73 | 2.7 | Low | 2024-07-21 |
| CVE-2024-6936 | formtools.org Form Tools Setting code injection — Form ToolsCWE-94 | 2.7 | Low | 2024-07-21 |
| CVE-2024-6935 | formtools.org Form Tools User Settings Page cross site scripting — Form ToolsCWE-79 | 2.4 | Low | 2024-07-21 |
| CVE-2024-6934 | formtools.org Form Tools cross site scripting — Form ToolsCWE-79 | 2.4 | Low | 2024-07-21 |
This page lists every published CVE security advisory associated with formtools.org. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.