Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in Form Tools through 3.0.20. SQL Injection can occur via the export_group_id field when a low-privileged user (client) tries to export a form with data, e.g., manipulation of modules/export_manager/export.php?export_group_id=1&export_group_1_results=all&export_type_id=1.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Form Tools SQL注入漏洞
Vulnerability Description
Form Tools是开源的一个表单工具脚本、模块、主题和 API 的代码库。 Form Tools 存在SQL注入漏洞,该漏洞源于从 3.0.20 开始,在 Form Tools 中发现了一个问题。 当低权限用户(客户端)尝试导出包含数据的表单时,例如,操作 modules/export_manager/export.php?export_group_id=1&export_group_1_results=all&export_type_id=1 时,可以通过 export_group_id 字段发生
CVSS Information
N/A
Vulnerability Type
N/A