CVE-2024-6937 formtools.org Form Tools Import Option List edit.php curl_exec file inclusion

A vulnerability, which was classified as problematic, was found in formtools.org Form Tools 3.1.1. Affected is the function curlexec of the file /admin/forms/optionlists/edit.php of the component Import Option List. The manipulation of the argument url leads to file inclusion. It is possible to...

CVE-2024-6937 formtools.org Form Tools Import Option List edit.php curl_exec file inclusion

A vulnerability, which was classified as problematic, was found in formtools.org Form Tools 3.1.1. Affected is the function curlexec of the file /admin/forms/optionlists/edit.php of the component Import Option List. The manipulation of the argument url leads to file inclusion. It is possible to...

PT-2024-37975 · Unknown · Form Tools

Name of the Vulnerable Software and Affected Versions: Form Tools version 3.1.1 Description: A problematic issue was found in the Import Option List component, specifically affecting the curl exec function in the /admin/forms/option lists/edit.php file. The manipulation of the url argument leads ...

Diving Log 6.0 - XML External Entity Injection

Exploit Title: Diving Log 6.0 XXE Injection + Date: 27-11-2017 + Exploit Author: Trent Gordon + Vendor Homepage: http://www.divinglog.de + Software Link: http://www.divinglog.de/english/download/ + Disclosed at: https://thenopsled.com/divinglog.txt + Version: 6.0 + Tested on: Windows 7 SP1,...

FreeBSD : GitLab -- two vulnerabilities (abcc5ad3-7e6a-11e7-93f7-d43d7e971a1b)

GitLab reports : Remote Command Execution in git client An external code review performed by Recurity-Labs identified a remote command execution vulnerability in git that could be exploited via the 'Repo by URL' import option in GitLab. The command line git client was not properly escaping comman...