formalms a learning management system. Used to build around the specific needs of corporate training. formalms versions prior to v.1.4.3 contain a SQL injection vulnerability that stems from the applicationβs lack of validation of externally entered SQL statements. An attacker could exploit this vulnerability to cause a time-based blind SQL injection vulnerability.