← Back

Ee Class

ee-class

Vendor: Formosasoft • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-9981
1Formosasoft
1Ee Class
Oct 17, 2024
Oct 15, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to upload a malicious PHP file first and then exploit this vulnerability to include th...Show more
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to upload a malicious PHP file first and then exploit this vulnerability to include the file, resulting in arbitrary code execution on the server.Show less
CVE-2024-9980
1Formosasoft
1Ee Class
Oct 17, 2024
Oct 15, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to inject arbitrary SQL commands to read, modify and delete database contents.